Product Security Information

Il 10 dicembre 2021 è stata pubblicata una vulnerabilità critica del codice remoto relativa alla libreria Apache Log4j. Successivamente, è stato segnalato CVE-2021-45046. VxRail è influenzato da queste vulnerabilità. Le correzioni e le soluzioni alternative per CVE-2021-44228 e CVE-2021-45046 sono documentate nelle tabelle incluse in questo articolo.

L'avviso di sicurezza della piattaforma server Dell EMC per gli aggiornamenti mensili e 2020.2 della piattaforma Intel (novembre 2020) contiene la correzione per il server Dell EMC PowerEdge che potrebbe essere sfruttata da utenti malintenzionati per compromettere il sistema interessato.

Dell Wyse Management Suite (WMS) contains remediation for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system.

Dell EMC SmartFabric Director mitigation is available for the Apache Log4j Remote Code Execution Vulnerability that may be exploited by malicious users to compromise the affected system. Dell recommends implementing this remediation as soon as possible in light of the critical severity of the vulnerability.

Dell EMC vProtect remediation is available for the Apache Log4j Remote Code Execution Vulnerability that may be exploited by malicious users to compromise the affected system. Dell recommends implementing this remediation as soon as possible in light of the critical severity of the vulnerability.

This article provides a list of security vulnerabilities that cannot be exploited on all versions of Dell EMC OpenManage Enterprise, but which may be identified by security scanners.

This article provides a list of security vulnerabilities that cannot be exploited on CloudLink, all versions, but which may be flagged by security scanners.

Dell EMC Unisphere Central remediation is available for the Apache Log4j Remote Code Execution Vulnerability that may be exploited by malicious users to compromise the affected system. Dell recommends implementing this remediation as soon as possible in light of the critical severity of the vulnerability.

Dell EMC Unity, Dell EMC UnityVSA and Dell EMC Unity XT remediation is available for the Apache Log4j Remote Code Execution Vulnerability that may be exploited by malicious users to compromise the affected system. Dell recommends implementing this remediation as soon as possible in light of the critical severity of the vulnerability.

Storage Center-Dell Storage Manager remediation is available for the Apache Log4j Remote Code Execution Vulnerability that may be exploited by malicious users to compromise the affected system. Dell recommends implementing this remediation as soon as possible in light of the critical severity of the vulnerability.

Dell EMC PowerStore Family remediation is available for the Apache Log4j Remote Code Execution Vulnerability that may be exploited by malicious users to compromise the affected system. Dell recommends implementing this remediation as soon as possible in light of the critical severity of the vulnerability.

Dell EMC Support Assist Enterprise remediation is available for the Apache Log4j Remote Code Execution Vulnerability that may be exploited by malicious users to compromise the affected system. Dell recommends implementing this remediation as soon as possible in light of the critical severity of the vulnerability.

Dell EMC Elastic Cloud Storage 3.6.2.1 and 3.6.2.2 contains remediation for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system.

Dell EMC OpenManage Enterprise Services remediation is available for the Apache Log4j Remote Code Execution Vulnerability that may be exploited by malicious users to compromise the affected system. Dell recommends implementing this remediation as soon as possible in light of the critical severity of the vulnerability. (Note: OpenManage Services is not affected by CVE-2021-45105).

Dell Technologies Data Protection Advisor (DPA) remediation is available for the Apache Log4j Remote Code Execution Vulnerability that may be exploited by malicious users to compromise the affected system. Dell recommends implementing this remediation as soon as possible in light of the critical severity of the vulnerability.

Dell EMC OpenManage Enterprise remediation is available for the Apache Log4j Remote Code Execution Vulnerability that may be exploited by malicious users to compromise the affected system. Dell recommends implementing this remediation as soon as possible in light of the critical severity of the vulnerability.

Dell EMC BSN Controller Node remediation is available for the Apache Log4j Remote Code Execution Vulnerability that may be exploited by malicious users to compromise the affected system. Dell recommends implementing this remediation as soon as possible in light of the critical severity of the vulnerability.

Dell EMC Metro Node remediation is available for the Apache Log4j Remote Code Execution Vulnerability that may be exploited by malicious users to compromise the affected system. Dell recommends implementing this remediation as soon as possible in light of the critical severity of the vulnerability.

Dell EMC Data Protection Search remediation is available for the Apache Log4j Remote Code Execution Vulnerability that may be exploited by malicious users to compromise the affected system. Dell recommends implementing this remediation as soon as possible in light of the critical severity of the vulnerability.

Dell EMC OpenManage Enterprise Modular remediation is available for the Apache Log4j Remote Code Execution Vulnerability that may be exploited by malicious users to compromise the affected system. Dell recommends implementing this remediation as soon as possible in light of the critical severity of the vulnerability.

Dell EMC Integrated System for Azure Stack HCI is impacted by the Apache Log4j Remote Code Execution Vulnerability that may be exploited by malicious users to compromise the affected system. Dell recommends implementing the remediation seen below as soon as possible in light of the critical severity of the vulnerability.

Dell EMC Ruckus Wireless Controller and Virtual Software remediation is available for the Apache Log4j Remote Code Execution Vulnerability that maybe exploited by malicious users to compromise the affected system. Dell recommends implementing this remediation as soon as possible in light of the critical severity of the vulnerability.

Dell EMC vRealize Data Protection Extension for vRealize Automation (vRA) 8.x short-term mitigation is available for the Apache Log4j Remote Code Execution Vulnerability that may be exploited by malicious users to compromise the affected system. Dell recommends implementing this short-term mitigation as soon as possible in light of the critical severity of the vulnerability.

Dell EMC SRM and Dell EMC SMR remediation is available for the Apache Log4j Remote Code Execution Vulnerability that may be exploited by malicious users to compromise the affected system. Dell recommends implementing this remediation as soon as possible in light of the critical severity of the vulnerability.

Dell EMC ECS remediation is available for the Apache Log4j Remote Code Execution Vulnerability that could be exploited by malicious users to compromise the affected system. Dell recommends implementing this remediation as soon as possible in light of the critical severity of the vulnerability.

vRealize Orchestrator (vRO) Plug-ins for Dell EMC Storage is available for the Apache Log4j Remote Code Execution Vulnerability that may be exploited by malicious users to compromise the affected system. Dell recommends implementing this remediation as soon as possible in light of the critical severity of the vulnerability.

Dell PowerFlex Appliance remediation is available for the Apache Log4j Remote Code Execution Vulnerability that may be exploited by malicious users to compromise the affected system. Dell recommends implementing this remediation as soon as possible in light of the critical severity of the vulnerability.

Dell PowerFlex Rack remediation is available for the Apache Log4j Remote Code Execution Vulnerability that may be exploited by malicious users to compromise the affected system. Dell recommends implementing this remediation as soon as possible in light of the critical severity of the vulnerability.

Dell EMC Data Protection Central remediation is available for the Apache Log4j Remote Code Execution Vulnerability that may be exploited by malicious users to compromise the affected system. Dell recommends implementing this remediation as soon as possible in light of the critical severity of the vulnerability

Dell PowerProtect Data Manager remediation is available for the Apache Log4j Remote Code Execution Vulnerability that may be exploited by malicious users to compromise the affected system. Dell recommends implementing this remediation as soon as possible in light of the critical severity of the vulnerability.