DSA-2025-330: Security update for Dell ObjectScale 4.1.0.0 Multiple Third-Party Component Vulnerabilities

摘要: Dell ObjectScale 4.1.0.0 remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

本文章適用於 本文章不適用於 本文無關於任何特定產品。 本文未識別所有產品版本。
查看其他資源

影響

High

詳細資料

Third-party Component CVE More Information
java CVE-2025-30698, CVE-2025-21587, CVE-2024-21217, CVE-2024-21235 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
kernel-default CVE-2021-47202, CVE-2024-41087, CVE-2024-50154, CVE-2024-53206, CVE-2024-56570, CVE-2022-49720, CVE-2022-49385, CVE-2022-49384, CVE-2022-49377, CVE-2022-49287, CVE-2022-49270, CVE-2022-49114, CVE-2022-49082,  CVE-2022-49078, CVE-2022-49063, CVE-2022-49058 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies. 
libpython3 CVE-2024-8088, CVE-2024-7592, CVE-2024-6232, CVE-2023-30608, CVE-2024-6923, CVE-2024-9287 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
Netty Project CVE-2025-24970, CVE-2025-25193 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
jetty CVE-2024-22201 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
Python programming language CVE-2025-1795, CVE-2025-0938 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
python311-cryptography CVE-2025-3416 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
python3-curses CVE-2024-5642, CVE-2023-6597, CVE-2024-0397, CVE-2024-0450, CVE-2024-4032 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
python3-Jinja2 CVE-2025-27516 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
python-setuptools CVE-2024-6345 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
spring-security-crypto CVE-2025-22228 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

 

Dell Technologies 建議所有客戶不僅要參考 CVSS 基本分數,也要將可能會影響與特定安全漏洞相關之潛在嚴重性的所有相關暫時和環境分數納入考量。

受影響的產品與補救措施

Product Affected Versions Remediated Versions Link
ObjectScale Versions prior to 4.1.0.0 Version 4.1.0.0 or later  Open a Service Request for an Operating Environment Upgrade and Quote DSA-2025-330

 

Product Affected Versions Remediated Versions Link
ObjectScale Versions prior to 4.1.0.0 Version 4.1.0.0 or later  Open a Service Request for an Operating Environment Upgrade and Quote DSA-2025-330

 

Note: 

  1. Dell recommends all customers have their ObjectScale systems upgraded at the earliest opportunity by opening an “Operating Environment Upgrade” Service Request. 
  2. Please visit the Security Update Release Schedule for Supported Versions of ObjectScale (formerly ECS) for more information.

因應措施與緩解措施

None

修訂歷史記錄

RevisionDateDescription
1.02025-09-01Initial Release

 

相關資訊

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

法律免責聲明

受影響的產品

ECS, ObjectScale, ECS Appliance, ECS Appliance Hardware Series, ECS Appliance Software with Encryption, ECS Appliance Software without Encryption, ObjectScale Appliance Software with Encryption, ObjectScale Appliance Software without Encryption , ObjectScale Appliance Series, ObjectScale Software Series ...
文章屬性
文章編號: 000363699
文章類型: Dell Security Advisory
上次修改時間: 01 9月 2025
向其他 Dell 使用者尋求您問題的答案
支援服務
檢查您的裝置是否在支援服務的涵蓋範圍內。