DSA-2023-328: Dell Unisphere for PowerMax, Dell Unisphere for PowerMax vApp, Dell Solutions Enabler, Dell Solutions Enabler vApp, Dell Unisphere 360, Dell VASA Provider vApp, and Dell PowerMax EEM Security Update for Multiple Vulnerabilities
Summary: Dell Unisphere for PowerMax, Dell Unisphere for PowerMax Virtual Appliance, Dell Solutions Enabler, Dell Solutions Enabler Virtual Appliance, Dell Unisphere 360, Dell VASA Provider Virtual Appliance, and Dell PowerMax Embedded Management remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system. ...
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Impact
High
Details
| Third-party Component | CVEs | More Information |
| Microsoft Visual C++ 2010 | CVE-2010-3190 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/  |
| openSSL | CVE-2023-0215, CVE-2022-4450, CVE-2023-0286, CVE-2022-4304 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| SLES 12 SP5 | CVE-2020-36691, CVE-2021-37600, CVE-2022-3566, CVE-2022-4304, CVE-2022-43945, CVE-2022-45884, CVE-2022-45885, CVE-2022-45886, CVE-2022-45887, CVE-2022-45919, CVE-2023-0795, CVE-2023-0796, CVE-2023-0797, CVE-2023-0798, CVE-2023-0799, CVE-2023-0800, CVE-2023-0801, CVE-2023-0802, CVE-2023-0803, CVE-2023-0804, CVE-2023-1077, CVE-2023-1079, CVE-2023-1249, CVE-2023-1380, CVE-2023-1611, CVE-2023-1637, CVE-2023-1670, CVE-2023-1855, CVE-2023-1981, CVE-2023-1989, CVE-2023-1990, CVE-2023-1998, CVE-2023-2002, CVE-2023-2124, CVE-2023-2162, CVE-2023-2176, CVE-2023-2194, CVE-2023-2269, CVE-2023-2453, CVE-2023-2483, CVE-2023-2513, CVE-2023-25180, CVE-2023-2603, CVE-2023-2650, CVE-2023-2828, CVE-2023-28466, CVE-2023-28484, CVE-2023-29383, CVE-2023-29469, CVE-2023-29491, CVE-2023-2953, CVE-2023-30772, CVE-2023-3090, CVE-2023-31084, CVE-2023-3111, CVE-2023-3138, CVE-2023-3141, CVE-2023-31436, CVE-2023-3159, CVE-2023-3161, CVE-2023-32269, CVE-2023-32324, CVE-2023-3268, CVE-2023-3358, CVE-2023-35824, CVE-2023-36664 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| SLES 15 SP2 | CVE-2022-39188, CVE-2022-36879, CVE-2022-32250, CVE-2022-3028, CVE-2022-2977, CVE-2022-29581, CVE-2022-2905, CVE-2022-2663, CVE-2022-2639, CVE-2022-26373, CVE-2022-2588, CVE-2022-20369, CVE-2022-20368, CVE-2022-20166, CVE-2022-1012, CVE-2021-4203, CVE-2021-4155, CVE-2020-36516, CVE-2020-27784, CVE-2020-26159, CVE-2019-19246, CVE-2019-19204, CVE-2019-19203, CVE-2019-16163, CVE-2019-13224, CVE-2022-31163, CVE-2023-22796, CVE-2020-14001, CVE-2022-44572, CVE-2022-44571, CVE-2022-44570, CVE-2022-32209, CVE-2022-31163 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| Oracle | CVE-2023-22043, CVE-2023-22041, CVE-2023-22051, CVE-2023-25193, CVE-2023-22044, CVE-2023-22045, CVE-2023-22049, CVE-2023-22036, CVE-2023-22006 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
| Windows 10 | CVE-2023-35367, CVE-2023-35302, CVE-2023-33155, CVE-2023-35309, CVE-2023-32054, CVE-2023-35363, CVE-2023-35358, CVE-2023-32044, CVE-2023-35306, CVE-2023-35361, CVE-2023-35299, CVE-2023-32085, CVE-2023-32056, CVE-2023-33174, CVE-2023-36884, CVE-2023-35357, CVE-2023-35303, CVE-2023-32055, CVE-2023-33154, CVE-2023-35304, CVE-2023-35296, CVE-2023-35362, CVE-2023-35366, CVE-2023-35308, CVE-2023-32038, CVE-2023-33168, CVE-2023-36871, CVE-2023-35365, CVE-2023-32053, CVE-2023-32037, CVE-2023-33169, CVE-2023-35356, CVE-2023-35305, CVE-2023-32057, CVE-2023-21526, CVE-2023-36874, CVE-2023-35364, CVE-2023-35360, CVE-2023-35353, CVE-2023-35343, CVE-2023-35342, CVE-2023-35341, CVE-2023-35340, CVE-2023-35339, CVE-2023-35338, CVE-2023-35336, CVE-2023-35332, CVE-2023-35330, CVE-2023-35329, CVE-2023-35328, CVE-2023-35326, CVE-2023-35325, CVE-2023-35324, CVE-2023-35320, CVE-2023-35319, CVE-2023-35318, CVE-2023-35316, CVE-2023-35315, CVE-2023-35314, CVE-2023-35313, CVE-2023-35312, CVE-2023-35300, CVE-2023-35297, CVE-2023-32084, CVE-2023-32049, CVE-2023-32046, CVE-2023-32045, CVE-2023-32043, CVE-2023-32042, CVE-2023-32041, CVE-2023-32040, CVE-2023-32039, CVE-2023-32035, CVE-2023-32034, CVE-2023-33173, CVE-2023-33172, CVE-2023-33167, CVE-2023-33166, CVE-2023-33164, CVE-2023-21756, CVE-2023-24936, CVE-2023-32030, CVE-2023-24895, CVE-2023-29331, CVE-2023-24897, CVE-2023-29326, CVE-2023-32019, CVE-2023-32017, CVE-2023-32016, CVE-2023-32015, CVE-2023-32014, CVE-2023-32011, CVE-2023-32009, CVE-2023-32008, CVE-2023-29373, CVE-2023-29372, CVE-2023-29371, CVE-2023-29370, CVE-2023-29368, CVE-2023-29365, CVE-2023-29364, CVE-2023-29363, CVE-2023-29360, CVE-2023-29359, CVE-2023-29358, CVE-2023-29351, CVE-2023-29346, CVE-2023-24938, CVE-2023-24937, CVE-2023-24949, CVE-2023-24947, CVE-2023-24903, CVE-2023-29325, CVE-2023-29324, CVE-2023-24948, CVE-2023-24946, CVE-2023-24945, CVE-2023-24944, CVE-2023-24943, CVE-2023-24942, CVE-2023-24901, CVE-2023-24940, CVE-2023-24900, CVE-2023-24939, CVE-2023-28283, CVE-2023-28251, CVE-2023-24932 | See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
Affected Products & Remediation
| Product | Software/Firmware | Affected Versions | Updated Versions | Link |
|---|---|---|---|---|
| Unisphere for PowerMax | Host Installation | Versions prior to 9.2.4.6 | Version 9.2.4.6 | https://www.dell.com/support/home/product-support/product/unisphere-powermax/drivers |
| Unisphere for PowerMax | Virtual Appliance | Versions prior to 9.2.4.6 | Version 9.2.4.6 | https://www.dell.com/support/home/product-support/product/unisphere-powermax/drivers |
| Unisphere 360 | Host Installation | Versions prior to 9.2.4.8 | Version 9.2.4.8 | https://www.dell.com/support/home/product-support/product/unisphere-360/drivers |
| Solutions Enabler | Host Installation | Versions prior to 9.2.4.3 | Version 9.2.4.3 | https://www.dell.com/support/home/product-support/product/solutions-enabler/drivers |
| Solutions Enabler | Virtual Appliance | Versions prior to 9.2.4.3 | Version 9.2.4.3 | https://www.dell.com/support/home/product-support/product/solutions-enabler/drivers |
| eVASA Provider | Embedded | Versions prior to 9.2.4.34 | Version 9.2.4.34 | Contact customer support and request DSA-2023-212 |
| VASA Provider | Standalone | Versions prior to 9.2.4.30 | Version 9.2.4.30 | https://www.dell.com/support/home/product-support/product/vasa-provider/drivers |
| Unisphere for PowerMax | Host Installation | Versions prior to 10.0.1.7 | Version 10.0.1.7 | https://www.dell.com/support/home/product-support/product/unisphere-powermax/drivers |
| Solutions Enabler | Host Installation | Versions prior to 10.0.1.3 | Version 10.0.1.3 | https://www.dell.com/support/home/product-support/product/solutions-enabler/drivers |
| eVASA Provider | Embedded | Versions prior to 10.0.1.469 | Version 10.0.1.469 | Contact customer support and request DSA-2023-328 |
| PowerMaxOS | PowerMax OS | Version prior 5978.711.711 patch 10080 | Version 5978.711.711 patch 10080 or later | Contact customer support and request DSA-2023-328 |
| PowerMaxOS | PowerMax OS | Versions before 10.0.1.3 Patch 10081 | Versions 10.0.1.3 Patch 10081 or later | Contact customer support and request DSA-2023-328 |
| Product | Software/Firmware | Affected Versions | Updated Versions | Link |
|---|---|---|---|---|
| Unisphere for PowerMax | Host Installation | Versions prior to 9.2.4.6 | Version 9.2.4.6 | https://www.dell.com/support/home/product-support/product/unisphere-powermax/drivers |
| Unisphere for PowerMax | Virtual Appliance | Versions prior to 9.2.4.6 | Version 9.2.4.6 | https://www.dell.com/support/home/product-support/product/unisphere-powermax/drivers |
| Unisphere 360 | Host Installation | Versions prior to 9.2.4.8 | Version 9.2.4.8 | https://www.dell.com/support/home/product-support/product/unisphere-360/drivers |
| Solutions Enabler | Host Installation | Versions prior to 9.2.4.3 | Version 9.2.4.3 | https://www.dell.com/support/home/product-support/product/solutions-enabler/drivers |
| Solutions Enabler | Virtual Appliance | Versions prior to 9.2.4.3 | Version 9.2.4.3 | https://www.dell.com/support/home/product-support/product/solutions-enabler/drivers |
| eVASA Provider | Embedded | Versions prior to 9.2.4.34 | Version 9.2.4.34 | Contact customer support and request DSA-2023-212 |
| VASA Provider | Standalone | Versions prior to 9.2.4.30 | Version 9.2.4.30 | https://www.dell.com/support/home/product-support/product/vasa-provider/drivers |
| Unisphere for PowerMax | Host Installation | Versions prior to 10.0.1.7 | Version 10.0.1.7 | https://www.dell.com/support/home/product-support/product/unisphere-powermax/drivers |
| Solutions Enabler | Host Installation | Versions prior to 10.0.1.3 | Version 10.0.1.3 | https://www.dell.com/support/home/product-support/product/solutions-enabler/drivers |
| eVASA Provider | Embedded | Versions prior to 10.0.1.469 | Version 10.0.1.469 | Contact customer support and request DSA-2023-328 |
| PowerMaxOS | PowerMax OS | Version prior 5978.711.711 patch 10080 | Version 5978.711.711 patch 10080 or later | Contact customer support and request DSA-2023-328 |
| PowerMaxOS | PowerMax OS | Versions before 10.0.1.3 Patch 10081 | Versions 10.0.1.3 Patch 10081 or later | Contact customer support and request DSA-2023-328 |
Workarounds & Mitigations
None.
Revision History
| Revision | Date | Description |
|---|---|---|
| 1.0 | 2023-09-27 | Initial Version |
| 2.0 | 2023-10-04 | Added hyperlinks for support. |
| 3.0 | 2023-10-13 | Updated for enhanced presentation without any changes to content. |
| 4.0 | 2023-10-16 | Removed Statement "Not Available until 10/16/2023" from the Affected Products and Remediation Table for Product PowerMaxOS 5978. |
| 5.0 | 2023-10-17 | Updated for enhanced presentation without any changes to content. |
| 6.0 | 2023-12-01 | Updated for enhanced presentation with no change to content. |
| 7.0 | 2023-12-14 | Added to "Third-Party Component" table additional third-party component VC2010 with CVE-2010-3190 Updated "Revision History" table, version 6 had incorrect date of 2323 for the year, updated to 2023 |
| 8.0 | 2023-12-12 |
Updated "Third-Party Component" table to include "Microsoft Visual C++ 2010 " for clarity. |
| 9.0 | 2024-06-13 | Updated for enhanced presentation with no changes to content. |
Related Information
Legal Disclaimer
Affected Products
PowerMax, PowerMax, PowerMax 2000, PowerMax 2500, PowerMax 8000, PowerMax 8500, PowerMax Engine, PowerMaxOS 5978, Solutions Enabler, Unisphere 360, Unisphere for PowerMax, VASA ProviderArticle Properties
Article Number: 000218009
Article Type: Dell Security Advisory
Last Modified: 11 Sep 2024
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.