High
Third-Party Component | CVEs | CVSS Vector String |
---|---|---|
Apache Runtime Portable | CVE-2022-24963 CVE-2022-28331 |
See NVD more details. See NVD more details. |
SQLite | CVE-2021-20227 CVE-2021-36690 CVE-2022-46908 CVE-2022-35737 |
See NVD more details. See NVD more details. See NVD more details. See NVD more details. |
libexpat | CVE-2022-43680 | See NVD more details. |
Apache HTTP Server | CVE-2022-37436 CVE-2006-20001 CVE-2022-36760 |
See NVD more details. See NVD more details. See NVD more details. |
Third-Party Component | CVEs | CVSS Vector String |
---|---|---|
Apache Runtime Portable | CVE-2022-24963 CVE-2022-28331 |
See NVD more details. See NVD more details. |
SQLite | CVE-2021-20227 CVE-2021-36690 CVE-2022-46908 CVE-2022-35737 |
See NVD more details. See NVD more details. See NVD more details. See NVD more details. |
libexpat | CVE-2022-43680 | See NVD more details. |
Apache HTTP Server | CVE-2022-37436 CVE-2006-20001 CVE-2022-36760 |
See NVD more details. See NVD more details. See NVD more details. |
CVEs Addressed | Product | Affected Versions | Remediated Versions | Link |
---|---|---|---|---|
CVE-2022-24963 CVE-2022-28331 |
PowerScale OneFS |
9.4.0.0 through 9.4.0.13 | Download and install the latest RUP >= 9.4.0.14 | PowerScale OneFS Downloads Area |
9.5.0.0 through 9.5.0.3 | Upgrade your version of PowerScale OneFS to >=9.5.0.5 | |||
Any other version | Upgrade your version of PowerScale OneFS in 9.4 series to >= 9.4.0.14 | |||
CVE-2021-3618 |
PowerScale OneFS |
9.1.0 through 9.1.0.28 | Download and install the latest RUP >= 9.1.0.29 | |
9.2.1 through 9.2.1.22 | Download and install the latest RUP >= 9.2.1.23 | |||
9.4.0.0 through 9.4.0.13 | Download and install the latest RUP >= 9.4.0.14 | |||
9.5.0.0 through 9.5.0.3 | Download and install the latest RUP >= 9.5.0.5 | |||
Any other version | Upgrade your version of PowerScale OneFS to >=9.5.0.5 | |||
CVE-2021-20227 CVE-2021-36690 CVE-2022-46908 CVE-2022-35737 |
PowerScale OneFS |
9.4.0.0 through 9.4.0.13 | Download and install the latest RUP >= 9.4.0.14 | |
9.5.0.0 through 9.5.0.3 | Upgrade your version of PowerScale OneFS to >=9.5.0.5 | |||
Any other version | Upgrade your version of PowerScale OneFS in 9.4 series to >= 9.4.0.14 | |||
CVE-2022-43680 |
PowerScale OneFS |
9.4.0.0 through 9.4.0.13 | Download and install the latest RUP >= 9.4.0.14 | |
9.5.0.0 through 9.5.0.3 | Upgrade your version of PowerScale OneFS to >=9.5.0.5 | |||
Any other version | Upgrade your version of PowerScale OneFS in 9.4 series to >= 9.4.0.14 | |||
CVE-2022-37436 CVE-2006-20001 CVE-2022-36760 |
PowerScale OneFS |
9.2.1.0 through 9.2.1.22 | Download and install the latest RUP >= 9.2.1.23 | |
9.4.0.0 through 9.4.0.13 | Download and install the latest RUP >= 9.4.0.14 | |||
Any other version | Upgrade your version of PowerScale OneFS in 9.4 series to >= 9.4.0.14 |
CVEs Addressed | Product | Affected Versions | Remediated Versions | Link |
---|---|---|---|---|
CVE-2022-24963 CVE-2022-28331 |
PowerScale OneFS |
9.4.0.0 through 9.4.0.13 | Download and install the latest RUP >= 9.4.0.14 | PowerScale OneFS Downloads Area |
9.5.0.0 through 9.5.0.3 | Upgrade your version of PowerScale OneFS to >=9.5.0.5 | |||
Any other version | Upgrade your version of PowerScale OneFS in 9.4 series to >= 9.4.0.14 | |||
CVE-2021-3618 |
PowerScale OneFS |
9.1.0 through 9.1.0.28 | Download and install the latest RUP >= 9.1.0.29 | |
9.2.1 through 9.2.1.22 | Download and install the latest RUP >= 9.2.1.23 | |||
9.4.0.0 through 9.4.0.13 | Download and install the latest RUP >= 9.4.0.14 | |||
9.5.0.0 through 9.5.0.3 | Download and install the latest RUP >= 9.5.0.5 | |||
Any other version | Upgrade your version of PowerScale OneFS to >=9.5.0.5 | |||
CVE-2021-20227 CVE-2021-36690 CVE-2022-46908 CVE-2022-35737 |
PowerScale OneFS |
9.4.0.0 through 9.4.0.13 | Download and install the latest RUP >= 9.4.0.14 | |
9.5.0.0 through 9.5.0.3 | Upgrade your version of PowerScale OneFS to >=9.5.0.5 | |||
Any other version | Upgrade your version of PowerScale OneFS in 9.4 series to >= 9.4.0.14 | |||
CVE-2022-43680 |
PowerScale OneFS |
9.4.0.0 through 9.4.0.13 | Download and install the latest RUP >= 9.4.0.14 | |
9.5.0.0 through 9.5.0.3 | Upgrade your version of PowerScale OneFS to >=9.5.0.5 | |||
Any other version | Upgrade your version of PowerScale OneFS in 9.4 series to >= 9.4.0.14 | |||
CVE-2022-37436 CVE-2006-20001 CVE-2022-36760 |
PowerScale OneFS |
9.2.1.0 through 9.2.1.22 | Download and install the latest RUP >= 9.2.1.23 | |
9.4.0.0 through 9.4.0.13 | Download and install the latest RUP >= 9.4.0.14 | |||
Any other version | Upgrade your version of PowerScale OneFS in 9.4 series to >= 9.4.0.14 |
CVE | Workarounds |
---|---|
CVE-2021-3618 | Please use following command to disable the vsftpd service on cluster to mitigate the issue: isi ftp settings modify --service=no |
Revision | Date | Description |
1.0 | 2023-06-01 | Initial Release |
2.0 | 2023-08-14 | Updated the DSA as 9.5.0.5 is released and added CVE-2021-3618 which is fixed. |