DSA-2022-087: Dell EMC PowerFlex Custom Node 15G, VxFlex Ready Node 14G, and ScaleIO Ready Node 13G Security Update for Multiple Vulnerabilities

Table of Contents

Detailed Article

Impact

Details

Affected Products & Remediation

Revision History

Related Info

Legal Disclaimer

Affected Products

Provide Feedback

Summary: Remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system.

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.

Check out other resources

Impact

High

Details

Component	CVEs	More Information
Intel	CVE-2021-0060, CVE-2021-0147	Intel article: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00470.html
	CVE-2021-0103, CVE-2021-0114, CVE-2021-0115, CVE-2021-0116, CVE-2021-0117, CVE-2021-0118, CVE-2021-0111, CVE-2021-0107, CVE-2021-0125, CVE-2021-0124, CVE-2021-0119, CVE-2021-0091, CVE-2021-0092, CVE-2021-0093	Intel article: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00527.html
	CVE-2021-0127	Intel article: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00532.html
VMware ESXi	CVE-2021-22040, CVE-2021-22041, CVE-2021-22042, CVE-2021-22043, CVE-2021-22050	VMware article: https://www.vmware.com/security/advisories/VMSA-2022-0004.html
Dell PowerEdge Server BIOS	CVE-2019-14584, CVE-2021-28210, CVE-2021-28211	Dell article: https://www.dell.com/support/kbdoc/en-ie/000198065/dsa-2022-088
DELL iDRAC	CVE-2022-24442	https://blog.jetbrains.com/

Component	CVEs	More Information
Intel	CVE-2021-0060, CVE-2021-0147	Intel article: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00470.html
	CVE-2021-0103, CVE-2021-0114, CVE-2021-0115, CVE-2021-0116, CVE-2021-0117, CVE-2021-0118, CVE-2021-0111, CVE-2021-0107, CVE-2021-0125, CVE-2021-0124, CVE-2021-0119, CVE-2021-0091, CVE-2021-0092, CVE-2021-0093	Intel article: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00527.html
	CVE-2021-0127	Intel article: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00532.html
VMware ESXi	CVE-2021-22040, CVE-2021-22041, CVE-2021-22042, CVE-2021-22043, CVE-2021-22050	VMware article: https://www.vmware.com/security/advisories/VMSA-2022-0004.html
Dell PowerEdge Server BIOS	CVE-2019-14584, CVE-2021-28210, CVE-2021-28211	Dell article: https://www.dell.com/support/kbdoc/en-ie/000198065/dsa-2022-088
DELL iDRAC	CVE-2022-24442	https://blog.jetbrains.com/

Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products & Remediation

CVEs Addressed	Product	Affected Versions	Updated Versions	Link to Update
CVE-2019-14584 CVE-2021-28210 CVE-2021-28211	R650, R750, R6525 custom node	BIOS Versions before 1.5.4 for Intel and 2.6.6 for AMD	Intel BIOS: 1.5.4 AMD BIOS: 2.6.6	Downloads (in case of upgrade using OME) Documents (in case of manual upgrade)
CVE-2021-0060, CVE-2021-0147, CVE-2021-0103, CVE-2021-0114, CVE-2021-0115, CVE-2021-0116, CVE-2021-0117, CVE-2021-0118, CVE-2021-0099, CVE-2021-0111, CVE-2021-0107, CVE-2021-0125, CVE-2021-0124, CVE-2021-0119, CVE-2021-0092, CVE-2021-0091, CVE-2021-0093, CVE-2021-0127, CVE-2019-14584, CVE-2021-28210 CVE-2021-28211	R640, R740, and R840 custom node	BIOS versions before 2.13.3	2.13.3	Downloads (in case of upgrade using OME) Documents (in case of manual upgrade)
CVE-2022-24442	R650, R750 custom node	iDRAC versions prior to 5.10.10.00	5.10.10.00	Downloads (in case of upgrade using OME) Documents (in case of manual upgrade)
CVE-2022-24442	R640, R740, R840 custom node	iDRAC versions prior to 5.10.10.00	5.10.10.00	Downloads (in case of upgrade using OME) Documents (in case of manual upgrade)
CVE-2021-22040, CVE-2021-22041, CVE-2021-22042, CVE-2021-22043, CVE-2021-22050	ESXi 7.0 patches	Versions before 7.0U3c	7.0U3c	Refer to Updated Firmware and Driver Support Matrix listing supported ESXi versions per Product offering and link guidance.

CVEs Addressed	Product	Affected Versions	Updated Versions	Link to Update
CVE-2019-14584 CVE-2021-28210 CVE-2021-28211	R650, R750, R6525 custom node	BIOS Versions before 1.5.4 for Intel and 2.6.6 for AMD	Intel BIOS: 1.5.4 AMD BIOS: 2.6.6	Downloads (in case of upgrade using OME) Documents (in case of manual upgrade)
CVE-2021-0060, CVE-2021-0147, CVE-2021-0103, CVE-2021-0114, CVE-2021-0115, CVE-2021-0116, CVE-2021-0117, CVE-2021-0118, CVE-2021-0099, CVE-2021-0111, CVE-2021-0107, CVE-2021-0125, CVE-2021-0124, CVE-2021-0119, CVE-2021-0092, CVE-2021-0091, CVE-2021-0093, CVE-2021-0127, CVE-2019-14584, CVE-2021-28210 CVE-2021-28211	R640, R740, and R840 custom node	BIOS versions before 2.13.3	2.13.3	Downloads (in case of upgrade using OME) Documents (in case of manual upgrade)
CVE-2022-24442	R650, R750 custom node	iDRAC versions prior to 5.10.10.00	5.10.10.00	Downloads (in case of upgrade using OME) Documents (in case of manual upgrade)
CVE-2022-24442	R640, R740, R840 custom node	iDRAC versions prior to 5.10.10.00	5.10.10.00	Downloads (in case of upgrade using OME) Documents (in case of manual upgrade)
CVE-2021-22040, CVE-2021-22041, CVE-2021-22042, CVE-2021-22043, CVE-2021-22050	ESXi 7.0 patches	Versions before 7.0U3c	7.0U3c	Refer to Updated Firmware and Driver Support Matrix listing supported ESXi versions per Product offering and link guidance.

Revision History

Revision	Date	Description
1.0	2022-03-29	Initial release
2.0	2022-04-22	Updated Details Section
3.0	2022-05-11	Updated section with CVE changes

Related Information

Legal Disclaimer

Affected Products

VxFlex Ready Nodes, PowerFlex custom node, PowerFlex custom node, PowerFlex custom node R650, PowerFlex custom node R750, Product Security Information, VxFlex Ready Node, ScaleIO Ready Node-PowerEdge 13G, VxFlex Ready Node R640

Article Number: 000198136

Article Type: Dell Security Advisory

Last Modified: 23 May 2022

Check if your device is covered by Support Services.

DSA-2022-087: Dell EMC PowerFlex Custom Node 15G, VxFlex Ready Node 14G, and ScaleIO Ready Node 13G Security Update for Multiple Vulnerabilities

Summary: Remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system.

Impact

Details

Affected Products & Remediation

Revision History

Related Information

Legal Disclaimer

Affected Products

Article Properties

Find answers to your questions from other Dell users

Support Services

Article Properties

Find answers to your questions from other Dell users

Support Services

Welcome

Welcome to Dell

DSA-2022-087: Dell EMC PowerFlex Custom Node 15G, VxFlex Ready Node 14G, and ScaleIO Ready Node 13G Security Update for Multiple Vulnerabilities

Summary: Remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system.

Detailed Article

Impact

Details

Affected Products & Remediation

Revision History

Related Info

Legal Disclaimer

Affected Products

Impact

Details

Affected Products & Remediation

Revision History

Related Information

Legal Disclaimer

Affected Products

Article Properties

Find answers to your questions from other Dell users

Support Services

Article Properties

Find answers to your questions from other Dell users

Support Services