High
| Third-Party Component | CVEs | CVSS Vector String |
|---|---|---|
| Apache Runtime Portable | CVE-2022-24963 CVE-2022-28331 |
See NVD more details. See NVD more details. |
| SQLite | CVE-2021-20227 CVE-2021-36690 CVE-2022-46908 CVE-2022-35737 |
See NVD more details. See NVD more details. See NVD more details. See NVD more details. |
| libexpat | CVE-2022-43680 | See NVD more details. |
| Apache HTTP Server | CVE-2022-37436 CVE-2006-20001 CVE-2022-36760 |
See NVD more details. See NVD more details. See NVD more details. |
| Third-Party Component | CVEs | CVSS Vector String |
|---|---|---|
| Apache Runtime Portable | CVE-2022-24963 CVE-2022-28331 |
See NVD more details. See NVD more details. |
| SQLite | CVE-2021-20227 CVE-2021-36690 CVE-2022-46908 CVE-2022-35737 |
See NVD more details. See NVD more details. See NVD more details. See NVD more details. |
| libexpat | CVE-2022-43680 | See NVD more details. |
| Apache HTTP Server | CVE-2022-37436 CVE-2006-20001 CVE-2022-36760 |
See NVD more details. See NVD more details. See NVD more details. |
| CVEs Addressed | Product | Affected Versions | Remediated Versions | Link |
|---|---|---|---|---|
| CVE-2022-24963 CVE-2022-28331 |
PowerScale OneFS |
9.4.0.0 through 9.4.0.13 | Download and install the latest RUP >= 9.4.0.14 | PowerScale OneFS Downloads Area |
| 9.5.0.0 through 9.5.0.3 | Upgrade your version of PowerScale OneFS to >=9.5.0.5 | |||
| Any other version | Upgrade your version of PowerScale OneFS in 9.4 series to >= 9.4.0.14 | |||
| CVE-2021-3618 |
PowerScale OneFS |
9.1.0 through 9.1.0.28 | Download and install the latest RUP >= 9.1.0.29 | |
| 9.2.1 through 9.2.1.22 | Download and install the latest RUP >= 9.2.1.23 | |||
| 9.4.0.0 through 9.4.0.13 | Download and install the latest RUP >= 9.4.0.14 | |||
| 9.5.0.0 through 9.5.0.3 | Download and install the latest RUP >= 9.5.0.5 | |||
| Any other version | Upgrade your version of PowerScale OneFS to >=9.5.0.5 | |||
| CVE-2021-20227 CVE-2021-36690 CVE-2022-46908 CVE-2022-35737 |
PowerScale OneFS |
9.4.0.0 through 9.4.0.13 | Download and install the latest RUP >= 9.4.0.14 | |
| 9.5.0.0 through 9.5.0.3 | Upgrade your version of PowerScale OneFS to >=9.5.0.5 | |||
| Any other version | Upgrade your version of PowerScale OneFS in 9.4 series to >= 9.4.0.14 | |||
| CVE-2022-43680 |
PowerScale OneFS |
9.4.0.0 through 9.4.0.13 | Download and install the latest RUP >= 9.4.0.14 | |
| 9.5.0.0 through 9.5.0.3 | Upgrade your version of PowerScale OneFS to >=9.5.0.5 | |||
| Any other version | Upgrade your version of PowerScale OneFS in 9.4 series to >= 9.4.0.14 | |||
| CVE-2022-37436 CVE-2006-20001 CVE-2022-36760 |
PowerScale OneFS |
9.2.1.0 through 9.2.1.22 | Download and install the latest RUP >= 9.2.1.23 | |
| 9.4.0.0 through 9.4.0.13 | Download and install the latest RUP >= 9.4.0.14 | |||
| Any other version | Upgrade your version of PowerScale OneFS in 9.4 series to >= 9.4.0.14 |
| CVEs Addressed | Product | Affected Versions | Remediated Versions | Link |
|---|---|---|---|---|
| CVE-2022-24963 CVE-2022-28331 |
PowerScale OneFS |
9.4.0.0 through 9.4.0.13 | Download and install the latest RUP >= 9.4.0.14 | PowerScale OneFS Downloads Area |
| 9.5.0.0 through 9.5.0.3 | Upgrade your version of PowerScale OneFS to >=9.5.0.5 | |||
| Any other version | Upgrade your version of PowerScale OneFS in 9.4 series to >= 9.4.0.14 | |||
| CVE-2021-3618 |
PowerScale OneFS |
9.1.0 through 9.1.0.28 | Download and install the latest RUP >= 9.1.0.29 | |
| 9.2.1 through 9.2.1.22 | Download and install the latest RUP >= 9.2.1.23 | |||
| 9.4.0.0 through 9.4.0.13 | Download and install the latest RUP >= 9.4.0.14 | |||
| 9.5.0.0 through 9.5.0.3 | Download and install the latest RUP >= 9.5.0.5 | |||
| Any other version | Upgrade your version of PowerScale OneFS to >=9.5.0.5 | |||
| CVE-2021-20227 CVE-2021-36690 CVE-2022-46908 CVE-2022-35737 |
PowerScale OneFS |
9.4.0.0 through 9.4.0.13 | Download and install the latest RUP >= 9.4.0.14 | |
| 9.5.0.0 through 9.5.0.3 | Upgrade your version of PowerScale OneFS to >=9.5.0.5 | |||
| Any other version | Upgrade your version of PowerScale OneFS in 9.4 series to >= 9.4.0.14 | |||
| CVE-2022-43680 |
PowerScale OneFS |
9.4.0.0 through 9.4.0.13 | Download and install the latest RUP >= 9.4.0.14 | |
| 9.5.0.0 through 9.5.0.3 | Upgrade your version of PowerScale OneFS to >=9.5.0.5 | |||
| Any other version | Upgrade your version of PowerScale OneFS in 9.4 series to >= 9.4.0.14 | |||
| CVE-2022-37436 CVE-2006-20001 CVE-2022-36760 |
PowerScale OneFS |
9.2.1.0 through 9.2.1.22 | Download and install the latest RUP >= 9.2.1.23 | |
| 9.4.0.0 through 9.4.0.13 | Download and install the latest RUP >= 9.4.0.14 | |||
| Any other version | Upgrade your version of PowerScale OneFS in 9.4 series to >= 9.4.0.14 |
| CVE | Workarounds |
|---|---|
| CVE-2021-3618 | Please use following command to disable the vsftpd service on cluster to mitigate the issue: isi ftp settings modify --service=no |
| Revision | Date | Description |
| 1.0 | 2023-06-01 | Initial Release |
| 2.0 | 2023-08-14 | Updated the DSA as 9.5.0.5 is released and added CVE-2021-3618 which is fixed. |