DSA-2024-397: Security Update for Dell PowerScale OneFS for Multiple Security Vulnerabilities
摘要: Dell PowerScale OneFS remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.
本文章適用於
本文章不適用於
本文無關於任何特定產品。
本文未識別所有產品版本。
影響
High
詳細資料
| Third-Party Component | CVEs | More information |
|---|---|---|
| BIOS | CVE-2023-49141, CVE-2024-24853, CVE-2024-21871, CVE-2024-22374, CVE-2024-24980, CVE-2024-38303, CVE-2024-38304 | DSA-2024-160: CVE-2023-49141 DSA-2024-308: CVE-2024-24853 DSA-2024-359: CVE-2024-22374 See NVD link below for individual scores for each CVE. https://nvd.nist.gov/  |
| iDRAC9 | CVE-2024-6387, CVE-2024-25943, CVE-2024-38433 | DSA-2024-342: CVE-2024-6387 DSA-2024-099: CVE-2024-25943 DSA-2024-223: CVE-2024-38433 See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
受影響的產品與補救措施
| CVEs Addressed | Product | Software/Firmware | Affected Versions | Remediated Versions | Link |
|---|---|---|---|---|---|
| CVE-2024-6387, CVE-2024-24853, CVE-2024-21871, CVE-2024-25943, CVE-2024-38433, CVE-2024-38303, CVE-2024-38304 | PowerScale F200 | PowerScale Node Firmware Package | Versions prior to 12.3 | Version 12.3 or later | PowerScale OneFS Downloads Area |
| CVE-2024-6387, CVE-2024-24853, CVE-2024-21871, CVE-2024-25943, CVE-2024-38433, CVE-2024-38303, CVE-2024-38304 | PowerScale F600 | PowerScale Node Firmware Package | Versions prior to 12.3 | Version 12.3 or later | PowerScale OneFS Downloads Area |
| CVE-2024-6387, CVE-2024-24853, CVE-2024-21871, CVE-2024-25943, CVE-2024-38433, CVE-2024-38303, CVE-2024-38304 | PowerScale F900 | PowerScale Node Firmware Package | Versions prior to 12.3 | Version 12.3 or later | PowerScale OneFS Downloads Area |
| CVE-2024-6387, CVE-2024-24853, CVE-2024-21871, CVE-2024-25943, CVE-2024-38433, CVE-2024-38303, CVE-2024-38304 | PowerScale B100 | PowerScale Node Firmware Package | Versions prior to 12.3 | Version 12.3 or later | PowerScale OneFS Downloads Area |
| CVE-2024-6387, CVE-2024-24853, CVE-2024-21871, CVE-2024-25943, CVE-2024-38433, CVE-2024-38303, CVE-2024-38304 | PowerScale P100 | PowerScale Node Firmware Package | Versions prior to 12.3 | Version 12.3 or later | PowerScale OneFS Downloads Area |
| CVE-2023-49141, CVE-2024-6387, CVE-2024-22374, CVE-2024-25943, CVE-2024-38433, CVE-2024-24980 | PowerScale F210 | PowerScale Node Firmware Package | Versions prior to 12.3 | Version 12.3 or later | PowerScale OneFS Downloads Area |
| CVE-2023-49141, CVE-2024-6387, CVE-2024-22374, CVE-2024-25943, CVE-2024-38433, CVE-2024-24980 | PowerScale F710 | PowerScale Node Firmware Package | Versions prior to 12.3 | Version 12.3 or later | PowerScale OneFS Downloads Area |
| CVE-2023-49141, CVE-2024-6387, CVE-2024-22374, CVE-2024-25943, CVE-2024-38433, CVE-2024-24980 | PowerScale F910 | PowerScale Node Firmware Package | Versions prior to 12.3 | Version 12.3 or later | PowerScale OneFS Downloads Area |
| CVEs Addressed | Product | Software/Firmware | Affected Versions | Remediated Versions | Link |
|---|---|---|---|---|---|
| CVE-2024-6387, CVE-2024-24853, CVE-2024-21871, CVE-2024-25943, CVE-2024-38433, CVE-2024-38303, CVE-2024-38304 | PowerScale F200 | PowerScale Node Firmware Package | Versions prior to 12.3 | Version 12.3 or later | PowerScale OneFS Downloads Area |
| CVE-2024-6387, CVE-2024-24853, CVE-2024-21871, CVE-2024-25943, CVE-2024-38433, CVE-2024-38303, CVE-2024-38304 | PowerScale F600 | PowerScale Node Firmware Package | Versions prior to 12.3 | Version 12.3 or later | PowerScale OneFS Downloads Area |
| CVE-2024-6387, CVE-2024-24853, CVE-2024-21871, CVE-2024-25943, CVE-2024-38433, CVE-2024-38303, CVE-2024-38304 | PowerScale F900 | PowerScale Node Firmware Package | Versions prior to 12.3 | Version 12.3 or later | PowerScale OneFS Downloads Area |
| CVE-2024-6387, CVE-2024-24853, CVE-2024-21871, CVE-2024-25943, CVE-2024-38433, CVE-2024-38303, CVE-2024-38304 | PowerScale B100 | PowerScale Node Firmware Package | Versions prior to 12.3 | Version 12.3 or later | PowerScale OneFS Downloads Area |
| CVE-2024-6387, CVE-2024-24853, CVE-2024-21871, CVE-2024-25943, CVE-2024-38433, CVE-2024-38303, CVE-2024-38304 | PowerScale P100 | PowerScale Node Firmware Package | Versions prior to 12.3 | Version 12.3 or later | PowerScale OneFS Downloads Area |
| CVE-2023-49141, CVE-2024-6387, CVE-2024-22374, CVE-2024-25943, CVE-2024-38433, CVE-2024-24980 | PowerScale F210 | PowerScale Node Firmware Package | Versions prior to 12.3 | Version 12.3 or later | PowerScale OneFS Downloads Area |
| CVE-2023-49141, CVE-2024-6387, CVE-2024-22374, CVE-2024-25943, CVE-2024-38433, CVE-2024-24980 | PowerScale F710 | PowerScale Node Firmware Package | Versions prior to 12.3 | Version 12.3 or later | PowerScale OneFS Downloads Area |
| CVE-2023-49141, CVE-2024-6387, CVE-2024-22374, CVE-2024-25943, CVE-2024-38433, CVE-2024-24980 | PowerScale F910 | PowerScale Node Firmware Package | Versions prior to 12.3 | Version 12.3 or later | PowerScale OneFS Downloads Area |
- We encourage all customers to upgrade to the remediated versions, if an upgrade is not feasible, we recommend customers to review the CVE details further to more accurately determine potential risk to their environment.
- To identify which nodes require upgrading, please refer to the firmware assessment report. For instructions on completing the assessment and report, please refer to the "Run a firmware assessment" section in PowerScale Node Firmware Package 12.3 Release Notes documented in Firmware - PowerScale Info Hub.
修訂歷史記錄
| Revision | Date | Description |
|---|---|---|
| 1.0 | 2024-10-03 | Initial Release |
相關資訊
法律免責聲明
受影響的產品
PowerScale, Isilon Gen6.5, PowerScale OneFS, PowerScale B100, PowerScale F200, PowerScale F210, PowerScale F600, PowerScale F710, PowerScale F900, PowerScale F910, PowerScale P100文章屬性
文章編號: 000231954
文章類型: Dell Security Advisory
上次修改時間: 03 10月 2024
向其他 Dell 使用者尋求您問題的答案
支援服務
檢查您的裝置是否在支援服務的涵蓋範圍內。