Skip to main content
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products

DSA-2022-125: Dell PowerFlex Appliance Security Update for Multiple Third-Party Component Vulnerabilities

Summary: Dell PowerFlex Appliance remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system.

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.

Impact

Critical

Details

Component CVEs More information
VMware vCenter Server CVE-2022-22948 VMware article VMSA-2022-0009 This hyperlink is taking you to a website outside of Dell Technologies.
Dell PowerEdge Server BIOS CVE-2020-12966 Dell article DSA-2021-255: Dell PowerEdge Security Update for an AMD Vulnerability
CVE-2021-0060 Dell article DSA-2022-036: PowerEdge Server Security Update for Intel February 2022 Security Advisory Release
CVE-2021-0127
CVE-2021-0103
CVE-2021-0114
CVE-2021-0115
CVE-2021-0116
CVE-2021-0117
CVE-2021-0118
CVE-2021-0099
CVE-2021-0111
CVE-2021-0107
CVE-2021-0125
CVE-2021-0124
CVE-2021-33068
CVE-2021-0092
CVE-2021-0156
CVE-2021-0093
CVE-2019-14584 Dell article DSA-2022-088: Dell PowerEdge Server BIOS Security Update for Multiple Tianocore EDK2 Vulnerabilities
CVE-2021-28210
CVE-2021-28211
CVE-2021-26373 Dell article DSA-2022-126: Dell PowerEdge Server Security Updates for AMD Server Vulnerabilities.
CVE-2021-26347
CVE-2021-26376
CVE-2021-26375
CVE-2021-26378
CVE-2021-26372
CVE-2021-26339
CVE-2021-26348
CVE-2021-26342
CVE-2021-26388
CVE-2021-26349
CVE-2021-26364
CVE-2021-26312
CVE-2021-26350
CVE-2020-12944 Dell article DSA-2021-227: Dell PowerEdge Server Security Update for AMD Server Vulnerabilities | Dell US
CVE-2020-12951
CVE-2020-12954
CVE-2020-12988
CVE-2021-26312
CVE-2021-26320
CVE-2021-26321
CVE-2021-26322
CVE-2021-26329
CVE-2021-26330
CVE-2020-12946
CVE-2020-12961
CVE-2021-26331
CVE-2021-26315
CVE-2021-26325
CVE-2021-26326
CVE-2021-26327
Dell iDRAC Lifecycle Controller Firmware CVE-2022-24422 Dell article DSA-2022-068: Dell iDRAC9 Security Update for an Improper Authentication Vulnerability
CVE-2021-3712 Dell article DSA-2021-259: Dell iDRAC Security Update for Multiple Security Vulnerabilities

 
CVE-2021-36347
CVE-2021-36348
CVE-2021-36346
ESXi CVE-2021-22045 VMware article VMSA-2022-0001 This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2021-22040 VMware article VMSA-2022-0004 This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2021-22041
CVE-2021-22050
Embedded OS CVE-2022-0778 https://nvd.nist.gov/vuln/detail/CVE-2022-0778 This hyperlink is taking you to a website outside of Dell Technologies.
 
Cisco Switches CVE-2022-20624 Cisco article Cisco NX-OS Software Cisco Fabric Services Over IP Denial of Service Vulnerability. This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-20650 Cisco article Cisco NX-OS Software NX-API Command Injection Vulnerability. This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-20625 Cisco article Cisco FXOS and NX-OS Software Cisco Discovery Protocol Service Denial of Service Vulnerability This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-20623 Cisco article Cisco Nexus 9000 Series Switches Bi-directional Forwarding Detection Denial of Service Vulnerability. This hyperlink is taking you to a website outside of Dell Technologies.
Spring CVE-2022-22965 https://nvd.nist.gov/vuln/detail/CVE-2022-22965 This hyperlink is taking you to a website outside of Dell Technologies.
Component CVEs More information
VMware vCenter Server CVE-2022-22948 VMware article VMSA-2022-0009 This hyperlink is taking you to a website outside of Dell Technologies.
Dell PowerEdge Server BIOS CVE-2020-12966 Dell article DSA-2021-255: Dell PowerEdge Security Update for an AMD Vulnerability
CVE-2021-0060 Dell article DSA-2022-036: PowerEdge Server Security Update for Intel February 2022 Security Advisory Release
CVE-2021-0127
CVE-2021-0103
CVE-2021-0114
CVE-2021-0115
CVE-2021-0116
CVE-2021-0117
CVE-2021-0118
CVE-2021-0099
CVE-2021-0111
CVE-2021-0107
CVE-2021-0125
CVE-2021-0124
CVE-2021-33068
CVE-2021-0092
CVE-2021-0156
CVE-2021-0093
CVE-2019-14584 Dell article DSA-2022-088: Dell PowerEdge Server BIOS Security Update for Multiple Tianocore EDK2 Vulnerabilities
CVE-2021-28210
CVE-2021-28211
CVE-2021-26373 Dell article DSA-2022-126: Dell PowerEdge Server Security Updates for AMD Server Vulnerabilities.
CVE-2021-26347
CVE-2021-26376
CVE-2021-26375
CVE-2021-26378
CVE-2021-26372
CVE-2021-26339
CVE-2021-26348
CVE-2021-26342
CVE-2021-26388
CVE-2021-26349
CVE-2021-26364
CVE-2021-26312
CVE-2021-26350
CVE-2020-12944 Dell article DSA-2021-227: Dell PowerEdge Server Security Update for AMD Server Vulnerabilities | Dell US
CVE-2020-12951
CVE-2020-12954
CVE-2020-12988
CVE-2021-26312
CVE-2021-26320
CVE-2021-26321
CVE-2021-26322
CVE-2021-26329
CVE-2021-26330
CVE-2020-12946
CVE-2020-12961
CVE-2021-26331
CVE-2021-26315
CVE-2021-26325
CVE-2021-26326
CVE-2021-26327
Dell iDRAC Lifecycle Controller Firmware CVE-2022-24422 Dell article DSA-2022-068: Dell iDRAC9 Security Update for an Improper Authentication Vulnerability
CVE-2021-3712 Dell article DSA-2021-259: Dell iDRAC Security Update for Multiple Security Vulnerabilities

 
CVE-2021-36347
CVE-2021-36348
CVE-2021-36346
ESXi CVE-2021-22045 VMware article VMSA-2022-0001 This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2021-22040 VMware article VMSA-2022-0004 This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2021-22041
CVE-2021-22050
Embedded OS CVE-2022-0778 https://nvd.nist.gov/vuln/detail/CVE-2022-0778 This hyperlink is taking you to a website outside of Dell Technologies.
 
Cisco Switches CVE-2022-20624 Cisco article Cisco NX-OS Software Cisco Fabric Services Over IP Denial of Service Vulnerability. This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-20650 Cisco article Cisco NX-OS Software NX-API Command Injection Vulnerability. This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-20625 Cisco article Cisco FXOS and NX-OS Software Cisco Discovery Protocol Service Denial of Service Vulnerability This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-20623 Cisco article Cisco Nexus 9000 Series Switches Bi-directional Forwarding Detection Denial of Service Vulnerability. This hyperlink is taking you to a website outside of Dell Technologies.
Spring CVE-2022-22965 https://nvd.nist.gov/vuln/detail/CVE-2022-22965 This hyperlink is taking you to a website outside of Dell Technologies.
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products & Remediation

CVEs Addressed Product Affected Versions Updated Versions Fix package in RCM.
CVE-2020-12966 PowerFlex Appliance Versions before
Intelligent_Catalog_38_356_03_r5

Versions before
Intelligent_Catalog_38_362_03_r6

Versions before
Intelligent_Catalog_38_356_03_r5

Versions before
Intelligent_Catalog_38_362_03_r6
Intelligent_Catalog_38_356_03_r5

Intelligent_Catalog_38_362_03_r6

Intelligent_Catalog_38_356_03_r5

Intelligent_Catalog_38_362_03_r6
BIOS Firmware 15G version 2.6.6

BIOS Firmware 14G version 2.13

BIOS Firmware 15G version 2.6.6

BIOS Firmware 14G version 2.13.3

BIOS Firmware 15G version 2.6.6
CVE-2021-0060
CVE-2021-0127
CVE-2021-0103
CVE-2021-0114
CVE-2021-0115
CVE-2021-0116
CVE-2021-0117
CVE-2021-0118
CVE-2021-0099
CVE-2021-0111
CVE-2021-0107
CVE-2021-0125
CVE-2021-0124
CVE-2021-33068
CVE-2021-0092
CVE-2021-0156
CVE-2021-0093
CVE-2020-12944
CVE-2020-12951
CVE-2020-12954
CVE-2020-12988
CVE-2021-26312
CVE-2021-
26320
CVE-2021-
26321
CVE-2021-
26322
CVE-2021-
26329
CVE-2021-
26330
CVE-2020-
12946
CVE-2020-
12961
CVE-2021-
26331
CVE-2021-
26315
CVE-2021-
26325
CVE-2021-
26326
CVE-2021-
26327
CVE-2021
-3712
Versions before
Intelligent_Catalog_38_356_03_r5

Versions before
Intelligent_Catalog_38_362_03_r6
Intelligent_Catalog_38_356_03_r5

Intelligent_Catalog_38_362_03_r6
iDRAC9 version 5.10.10.00
CVE-2021-
36347
CVE-2021-
36348
CVE-2021-
26350
CVE-2021-
36346
CVE-2021-
22045
Versions before
Intelligent_Catalog_38_356_03_r5

Versions before
Intelligent_Catalog_38_362_03_r6
Intelligent_Catalog_38_356_03_r5

Intelligent_Catalog_38_362_03_r6
ESXi 6.7 EP 23 Build 19195723

VMware-ESXi-7.0U3c-19193900
CVE-2019-14584 Versions before
Intelligent_Catalog_38_356_03_r5

Versions before
Intelligent_Catalog_38_362_03_r6
Intelligent_Catalog_38_356_03_r5

Intelligent_Catalog_38_362_03_r6
BIOS Firmware 14G version 2.13.3

BIOS Firmware 15G version 2.6.6
 
CVE-2021-28210
CVE-2021-28211
CVE-2021-
26373
Versions before
Intelligent_Catalog_38_356_03_r5

Versions before
Intelligent_Catalog_38_362_03_r6
Intelligent_Catalog_38_356_03_r5

Intelligent_Catalog_38_362_03_r6
BIOS Firmware 15G version 2.6.6
CVE-2021-
26347
CVE-2021-
26376
CVE-2021-
26375
CVE-2021-
26378
CVE-2021-
26372
CVE-2021-
26348
CVE-2021-
26342
CVE-2021-
26339
CVE-2021-
26388
CVE-2021-
26349
CVE-2021-
26364
CVE-2021-
22040
Versions before
Intelligent_Catalog_38_356_03_r5

Versions before
Intelligent_Catalog_38_362_03_r6
Intelligent_Catalog_38_356_03_r5

Intelligent_Catalog_38_362_03_r6
ESXi 6.7 EP 23 Build 19195723
CVE-2021-
22041
CVE-2021-
22050
CVE-2022-
24422
Versions before
Intelligent_Catalog_38_356_03_r5

Versions before
Intelligent_Catalog_38_362_03_r6
Intelligent_Catalog_38_356_03_r5

Intelligent_Catalog_38_362_03_r6
iDRAC9 version 5.10.10.00
CVE-2022-
0778
Versions before
Intelligent_Catalog_38_356_03_r5

Versions before
Intelligent_Catalog_38_362_03_r6
Intelligent_Catalog_38_356_03_r5

Intelligent_Catalog_38_362_03_r6
 
CVE-2022-
20624
Versions before
Intelligent_Catalog_38_356_03_r5

Versions before
Intelligent_Catalog_38_362_03_r6
Intelligent_Catalog_38_356_03_r5

Intelligent_Catalog_38_362_03_r6
9.3(9)
CVE-2022-
20650
CVE-2022-
20625
CVE-2022-
20623
CVE-2022-
22965
Versions before
Intelligent_Catalog_38_356_03_r5

Versions before
Intelligent_Catalog_38_362_03_r6
Intelligent_Catalog_38_356_03_r5

Intelligent_Catalog_38_362_03_r6
PowerFlex Version 3.6.0.4

 
CVE-2022-
22948
Versions before
Intelligent_Catalog_38_356_03_r5

Versions before
Intelligent_Catalog_38_362_03_r6
Intelligent_Catalog_38_356_03_r5

Intelligent_Catalog_38_362_03_r6
vCenter server version 6.7 Update 3q (6.7.0 Build19300125)
CVEs Addressed Product Affected Versions Updated Versions Fix package in RCM.
CVE-2020-12966 PowerFlex Appliance Versions before
Intelligent_Catalog_38_356_03_r5

Versions before
Intelligent_Catalog_38_362_03_r6

Versions before
Intelligent_Catalog_38_356_03_r5

Versions before
Intelligent_Catalog_38_362_03_r6
Intelligent_Catalog_38_356_03_r5

Intelligent_Catalog_38_362_03_r6

Intelligent_Catalog_38_356_03_r5

Intelligent_Catalog_38_362_03_r6
BIOS Firmware 15G version 2.6.6

BIOS Firmware 14G version 2.13

BIOS Firmware 15G version 2.6.6

BIOS Firmware 14G version 2.13.3

BIOS Firmware 15G version 2.6.6
CVE-2021-0060
CVE-2021-0127
CVE-2021-0103
CVE-2021-0114
CVE-2021-0115
CVE-2021-0116
CVE-2021-0117
CVE-2021-0118
CVE-2021-0099
CVE-2021-0111
CVE-2021-0107
CVE-2021-0125
CVE-2021-0124
CVE-2021-33068
CVE-2021-0092
CVE-2021-0156
CVE-2021-0093
CVE-2020-12944
CVE-2020-12951
CVE-2020-12954
CVE-2020-12988
CVE-2021-26312
CVE-2021-
26320
CVE-2021-
26321
CVE-2021-
26322
CVE-2021-
26329
CVE-2021-
26330
CVE-2020-
12946
CVE-2020-
12961
CVE-2021-
26331
CVE-2021-
26315
CVE-2021-
26325
CVE-2021-
26326
CVE-2021-
26327
CVE-2021
-3712
Versions before
Intelligent_Catalog_38_356_03_r5

Versions before
Intelligent_Catalog_38_362_03_r6
Intelligent_Catalog_38_356_03_r5

Intelligent_Catalog_38_362_03_r6
iDRAC9 version 5.10.10.00
CVE-2021-
36347
CVE-2021-
36348
CVE-2021-
26350
CVE-2021-
36346
CVE-2021-
22045
Versions before
Intelligent_Catalog_38_356_03_r5

Versions before
Intelligent_Catalog_38_362_03_r6
Intelligent_Catalog_38_356_03_r5

Intelligent_Catalog_38_362_03_r6
ESXi 6.7 EP 23 Build 19195723

VMware-ESXi-7.0U3c-19193900
CVE-2019-14584 Versions before
Intelligent_Catalog_38_356_03_r5

Versions before
Intelligent_Catalog_38_362_03_r6
Intelligent_Catalog_38_356_03_r5

Intelligent_Catalog_38_362_03_r6
BIOS Firmware 14G version 2.13.3

BIOS Firmware 15G version 2.6.6
 
CVE-2021-28210
CVE-2021-28211
CVE-2021-
26373
Versions before
Intelligent_Catalog_38_356_03_r5

Versions before
Intelligent_Catalog_38_362_03_r6
Intelligent_Catalog_38_356_03_r5

Intelligent_Catalog_38_362_03_r6
BIOS Firmware 15G version 2.6.6
CVE-2021-
26347
CVE-2021-
26376
CVE-2021-
26375
CVE-2021-
26378
CVE-2021-
26372
CVE-2021-
26348
CVE-2021-
26342
CVE-2021-
26339
CVE-2021-
26388
CVE-2021-
26349
CVE-2021-
26364
CVE-2021-
22040
Versions before
Intelligent_Catalog_38_356_03_r5

Versions before
Intelligent_Catalog_38_362_03_r6
Intelligent_Catalog_38_356_03_r5

Intelligent_Catalog_38_362_03_r6
ESXi 6.7 EP 23 Build 19195723
CVE-2021-
22041
CVE-2021-
22050
CVE-2022-
24422
Versions before
Intelligent_Catalog_38_356_03_r5

Versions before
Intelligent_Catalog_38_362_03_r6
Intelligent_Catalog_38_356_03_r5

Intelligent_Catalog_38_362_03_r6
iDRAC9 version 5.10.10.00
CVE-2022-
0778
Versions before
Intelligent_Catalog_38_356_03_r5

Versions before
Intelligent_Catalog_38_362_03_r6
Intelligent_Catalog_38_356_03_r5

Intelligent_Catalog_38_362_03_r6
 
CVE-2022-
20624
Versions before
Intelligent_Catalog_38_356_03_r5

Versions before
Intelligent_Catalog_38_362_03_r6
Intelligent_Catalog_38_356_03_r5

Intelligent_Catalog_38_362_03_r6
9.3(9)
CVE-2022-
20650
CVE-2022-
20625
CVE-2022-
20623
CVE-2022-
22965
Versions before
Intelligent_Catalog_38_356_03_r5

Versions before
Intelligent_Catalog_38_362_03_r6
Intelligent_Catalog_38_356_03_r5

Intelligent_Catalog_38_362_03_r6
PowerFlex Version 3.6.0.4

 
CVE-2022-
22948
Versions before
Intelligent_Catalog_38_356_03_r5

Versions before
Intelligent_Catalog_38_362_03_r6
Intelligent_Catalog_38_356_03_r5

Intelligent_Catalog_38_362_03_r6
vCenter server version 6.7 Update 3q (6.7.0 Build19300125)

Revision History

RevisionDateDescription
1.02022-06-03Initial Release

Related Information

Affected Products

PowerFlex Appliance, PowerFlex appliance R650, PowerFlex appliance R6525, Powerflex appliance R750, Product Security Information, PowerFlex appliance R640, PowerFlex appliance R740XD, PowerFlex appliance R840
Article Properties
Article Number: 000200326
Article Type: Dell Security Advisory
Last Modified: 27 Jun 2023
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.