The official site for Saudi CERT
Dell Alert
2579
Warning Date
Severity Level
Warning Number
Target Sector
5 June, 2022
● High
2022-4912
All
Description:
Dell EMC has released security update to address several vulnerabilities in its products,mainly:
- Dell EMC PowerFlex Appliance
- Dell EMC PowerFlex Rack
- Dell EMC Elastic Cloud Storage
- ECS version prior to 3.7.0.2
- ECS Appliance Hardware Gen3 EX3000
- ECS Appliance Hardware Gen3 EX300,
- ECS Appliance Hardware Gen3 EX500,
- ECS Appliance Hardware Gen3 EX5000,
- ECS Appliance Hardware Gen3 EXF900
Threats:
An attacker could exploit these vulnerabilities by doing the following:
- Sensitive information disclosure
- Excuate Arbirtary Code
Best practice and Recommendations:
The CERT team encourages users to review Dell EMC security advisory and apply the necessary update, mainly:
- https://www.dell.com/support/kbdoc/en-us/000198814/dsa-2022-034-dell-emc-ecs-security-update-for-multiple-idrac-vulnerabilities
- https://www.dell.com/support/kbdoc/en-us/000200286/dsa-2022-157-dell-elastic-cloud-storage-ecs-security-update-for-multiple-third-party-component-vulnerabilities
- https://www.dell.com/support/kbdoc/en-us/000200325/dsa-2022-124-dell-emc-powerflex-rack-security-update-for-multiple-third-party-component-vulnerabilities
- https://www.dell.com/support/kbdoc/en-us/000200326/dsa-2022-125-dell-emc-powerflex-appliance-security-update-for-multiple-third-party-component-vulnerabilities
Rate the content
Share the page
