DSA-2026-127: Security Update for Dell PowerScale OneFS Multiple Third-Party Component Vulnerabilities
摘要: Dell PowerScale OneFS remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.
本文章適用於
本文章不適用於
本文無關於任何特定產品。
本文未識別所有產品版本。
影響
Critical
詳細資料
| Third-Party Component | CVEs | More information |
| AMI AptioV | CVE-2024-42444, CVE-2024-7344 | https://nvd.nist.gov/vuln/search |
| Dell PowerEdge Server BIOS | CVE-2024-45332, CVE-2024-28047, CVE-2024-28956 | DSA-2025-041, DSA-2025-156 |
| OpenSSL | CVE-2022-4450, CVE-2023-0215, CVE-2023-0286, CVE-2023-0464, CVE-2023-0465, CVE-2023-6237, CVE-2024-5535, CVE-2024-6119, CVE-2024-13176 | https://nvd.nist.gov/vuln/search |
| Tianocore EDK2 | CVE-2024-38796 | https://nvd.nist.gov/vuln/search |
受影響的產品與補救措施
| Product | Software/Firmware | Affected Versions | Remediated Versions | Link |
| PowerScale A300 | PowerScale Node Firmware Package | Versions prior to 13.2.3 | Version 13.2.3 or later | PowerScale OneFS Downloads Area |
| PowerScale A3000 | PowerScale Node Firmware Package | Versions prior to 13.2.3 | Version 13.2.3 or later | PowerScale OneFS Downloads Area |
| PowerScale H700 | PowerScale Node Firmware Package | Versions prior to 13.2.3 | Version 13.2.3 or later | PowerScale OneFS Downloads Area |
| PowerScale H7000 | PowerScale Node Firmware Package | Versions prior to 13.2.3 | Version 13.2.3 or later | PowerScale OneFS Downloads Area |
| Product | Software/Firmware | Affected Versions | Remediated Versions | Link |
| PowerScale A300 | PowerScale Node Firmware Package | Versions prior to 13.2.3 | Version 13.2.3 or later | PowerScale OneFS Downloads Area |
| PowerScale A3000 | PowerScale Node Firmware Package | Versions prior to 13.2.3 | Version 13.2.3 or later | PowerScale OneFS Downloads Area |
| PowerScale H700 | PowerScale Node Firmware Package | Versions prior to 13.2.3 | Version 13.2.3 or later | PowerScale OneFS Downloads Area |
| PowerScale H7000 | PowerScale Node Firmware Package | Versions prior to 13.2.3 | Version 13.2.3 or later | PowerScale OneFS Downloads Area |
Notes:
- We encourage all customers to upgrade to the remediated versions. If an upgrade is not feasible, customers should review the CVE details to determine potential risk to their environments.
- To identify which nodes require upgrading, please refer to the firmware assessment report. For instructions on completing the assessment and report, please refer to the "Run a firmware assessment" section in PowerScale Node Firmware Package 13.2.3 Release Notes documented in Firmware - PowerScale Info Hub.
因應措施與緩解措施
None
修訂歷史記錄
| Revision | Date | Description |
| 1.0 | 2026-05-06 | Initial Release |
相關資訊
法律免責聲明
受影響的產品
Isilon, PowerScale OneFS, PowerScale Archive A300, PowerScale Archive A3000, PowerScale Hybrid H700, PowerScale Hybrid H7000文章屬性
文章編號: 000461405
文章類型: Dell Security Advisory
上次修改時間: 05 5月 2026
向其他 Dell 使用者尋求您問題的答案
支援服務
檢查您的裝置是否在支援服務的涵蓋範圍內。