Skip to main content
Sign Out

Welcome to Dell

My Account
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
Sign In Create an Account Dell Financial Services Premier Sign In Partner Program Sign In
Contact Us

Your Dell.com Carts

DSA-2023-026: Dell PowerFlex Appliance Security Update for Multiple Third-Party Component Vulnerabilities

Summary: Dell PowerFlex Appliance remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system.

This article applies to   This article does not apply to 
Check out resources for

Impact

Critical

Details

 
Component CVEs More information
Dell PowerEdge Server BIOS
 		 CVE-2022-21233 Dell article 202341: DSA-2022-219: Dell PowerEdge Server Security Update for Intel August 2022 Security Advisories (2022.2 IPU)
CVE-2022-26074
CVE-2022-33060
CVE-2021-26316 Dell article 207371: DSA-2023-002: Dell PowerEdge Server Security Update for AMD Server Vulnerabilities
CVE-2021-26398
CVE-2021-39298
CVE-2021-26402
CVE-2021-26353
CVE-2021-26355
CVE-2023-20529
CVE-2023-20530
CVE-2023-20531
CVE-2022-23813
CVE-2022-23814
CVE-2021-26396
CVE-2021-46779
CVE-2021-46791
CVE-2021-26328
CVE-2021-26407
CVE-2021-26409
CVE-2021-46768
CVE-2021-46767
CVE-2023-20522
CVE-2023-20523
CVE-2021-26404
CVE-2023-20525
CVE-2023-20527
CVE-2023-20528
CVE-2023-20532
CVE-2021-26403
CVE-2021-26343
CVE-2022-34377 Dell article 206296: DSA-2022-204: Dell PowerEdge Improper SMM Communication Buffer Verification Vulnerability
CVE-2022-34376
CVE-2022-34406
CVE-2022-34407
CVE-2022-34408
CVE-2022-34409
CVE-2022-34410
CVE-2022-34411
CVE-2022-34412
CVE-2022-34413
CVE-2022-34414
CVE-2022-34415
CVE-2022-34416
CVE-2022-34417
CVE-2022-34418
CVE-2022-34419
CVE-2022-34420
CVE-2022-34421
CVE-2022-34422
CVE-2022-34423
ESXi CVE-2022-21123 VMware article: VMSA-2022-0016
CVE-2022-21125
CVE-2022-21166
CVE-2022-31680 VMware article: VMSA-2022-0025
CVE-2022-31681
vCenter server CVE-2022-22982 VMware article: VMSA-2022-0018
PowerFlex Manager CVE-2021-46827
CVE-2022-42889
Dell iDRAC or Lifecycle Controller Firmware CVE-2022-34435
Cisco Switch CVE-2022-20824 Cisco-sa-nxos-cdp-dos-ce-wWvPucC9
Embedded OS CVE-2022-2601
CVE-2022-3775
 
 
Component CVEs More information
Dell PowerEdge Server BIOS
 		 CVE-2022-21233 Dell article 202341: DSA-2022-219: Dell PowerEdge Server Security Update for Intel August 2022 Security Advisories (2022.2 IPU)
CVE-2022-26074
CVE-2022-33060
CVE-2021-26316 Dell article 207371: DSA-2023-002: Dell PowerEdge Server Security Update for AMD Server Vulnerabilities
CVE-2021-26398
CVE-2021-39298
CVE-2021-26402
CVE-2021-26353
CVE-2021-26355
CVE-2023-20529
CVE-2023-20530
CVE-2023-20531
CVE-2022-23813
CVE-2022-23814
CVE-2021-26396
CVE-2021-46779
CVE-2021-46791
CVE-2021-26328
CVE-2021-26407
CVE-2021-26409
CVE-2021-46768
CVE-2021-46767
CVE-2023-20522
CVE-2023-20523
CVE-2021-26404
CVE-2023-20525
CVE-2023-20527
CVE-2023-20528
CVE-2023-20532
CVE-2021-26403
CVE-2021-26343
CVE-2022-34377 Dell article 206296: DSA-2022-204: Dell PowerEdge Improper SMM Communication Buffer Verification Vulnerability
CVE-2022-34376
CVE-2022-34406
CVE-2022-34407
CVE-2022-34408
CVE-2022-34409
CVE-2022-34410
CVE-2022-34411
CVE-2022-34412
CVE-2022-34413
CVE-2022-34414
CVE-2022-34415
CVE-2022-34416
CVE-2022-34417
CVE-2022-34418
CVE-2022-34419
CVE-2022-34420
CVE-2022-34421
CVE-2022-34422
CVE-2022-34423
ESXi CVE-2022-21123 VMware article: VMSA-2022-0016
CVE-2022-21125
CVE-2022-21166
CVE-2022-31680 VMware article: VMSA-2022-0025
CVE-2022-31681
vCenter server CVE-2022-22982 VMware article: VMSA-2022-0018
PowerFlex Manager CVE-2021-46827
CVE-2022-42889
Dell iDRAC or Lifecycle Controller Firmware CVE-2022-34435
Cisco Switch CVE-2022-20824 Cisco-sa-nxos-cdp-dos-ce-wWvPucC9
Embedded OS CVE-2022-2601
CVE-2022-3775
 
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products & Remediation

Product Affected Versions Updated Versions
PowerFlex Appliance Versions before Intelligent_Catalog_38_363_01_r8 Intelligent_Catalog_38_363_01_r8
Versions before Intelligent_Catalog_38_357_01_r8 Intelligent_Catalog_38_357_01_r8
Versions before Intelligent_Catalog_40.371.00_r30 Intelligent_Catalog_40.371.00_r30

For Intelligent Catalog (IC) bundle downloads:
https://www.dell.com/support/home/en-us/product-support/product/powerflex-appliance-int-ca-sw/drivers
Product Affected Versions Updated Versions
PowerFlex Appliance Versions before Intelligent_Catalog_38_363_01_r8 Intelligent_Catalog_38_363_01_r8
Versions before Intelligent_Catalog_38_357_01_r8 Intelligent_Catalog_38_357_01_r8
Versions before Intelligent_Catalog_40.371.00_r30 Intelligent_Catalog_40.371.00_r30

For Intelligent Catalog (IC) bundle downloads:
https://www.dell.com/support/home/en-us/product-support/product/powerflex-appliance-int-ca-sw/drivers

Revision History

RevisionDateDescription
1.02023-01-30Initial Release

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Legal Disclaimer

Affected Products

PowerFlex Appliance, PowerFlex appliance Intelligent Catalog Software, Product Security Information