Alerta temprana

TLP:CLEAR PAP:WHITE

Boletines de seguridad de Dell

Descripción

DSA-2023-183: Actualización de seguridad de Dell PowerEdge T30 y T40 Mini Tower para una vulnerabilidad de Tianocore EDK2 [crítica].
La corrección de Dell PowerEdge T30 y T40 Mini Tower está disponible para una vulnerabilidad de Tianocore EDK2 que podría ser aprovechada por usuarios maliciosos para comprometer el sistema afectado.
CVE-2021-38578.

DSA-2023-134: Actualización de seguridad para el servidor Dell PowerEdge para múltiples vulnerabilidades de OpenSSL [alta].
La corrección del servidor Dell PowerEdge está disponible para múltiples vulnerabilidades de OpenSSL que podrían ser explotadas por usuarios malintencionados para comprometer los sistemas afectados.
CVE-2023-0215, CVE-2022-4450, CVE-2023-0286, CVE-2022-4304.

Productos afectados

PowerEdge T30 y T40, versiones anteriores a la 1.11.0
DSS 8440, Dell EMC XC Core XCXR2, Dell EMC XC Core XC450, Dell EMC XC Core XC650, Dell EMC XC Core XC6520, Dell EMC XC Core XC740xd2, Dell EMC XC Core XC750, Dell EMC XC Core XC750xa, Dell XC430 Hyper-converged Appliance , Dell XC630 Hyper-converged Appliance, Dell XC6320 Hyper-converged Appliance, Dell EMC XC Core XC640 System, Dell EMC XC Core 6420 System, Dell XC730 Hyper-converged Appliance, Dell XC730XD Hyper-converged Appliance, Dell EMC XC Core XC740xd System, Dell EMC XC Core XC940 System, PowerEdge XR2, PowerEdge C4130, PowerEdge C4140, PowerEdge c6320, PowerEdge C6420, PowerEdge C6520, PowerEdge C6525, PowerEdge C6620, Poweredge FC430, Poweredge FC630, PowerEdge FC640, Poweredge FC830, PowerEdge M630, PowerEdge M630 (for PE VRTX), PowerEdge M640, PowerEdge M640 (for PE VRTX), PowerEdge M830, PowerEdge M830 (for PE VRTX), PowerEdge MX740c, PowerEdge MX750c, PowerEdge MX760c, PowerEdge MX840c, PowerEdge R230, PowerEdge R240, PowerEdge R250, PowerEdge R340, PowerEdge R350, PowerEdge R430, PowerEdge R440, PowerEdge R450, PowerEdge R530, PowerEdge R540, PowerEdge R550, PowerEdge R630, PowerEdge R640, PowerEdge R6415, PowerEdge R650, PowerEdge R650xs, PowerEdge R6515, PowerEdge R6525, PowerEdge R660, PowerEdge R6615, PowerEdge R6625, PowerEdge R730, PowerEdge R730xd, PowerEdge R740, PowerEdge R740xd, PowerEdge R740xd2, PowerEdge R7415, PowerEdge R7425, PowerEdge R750, PowerEdge R750XA, PowerEdge R750xs, PowerEdge R7515, PowerEdge R7525, PowerEdge R760, PowerEdge R7615, PowerEdge R7625, PowerEdge R830, PowerEdge R840, PowerEdge R930, PowerEdge R940, PowerEdge R940xa, PowerEdge T130, PowerEdge T140, PowerEdge T150, PowerEdge T330, PowerEdge T340, PowerEdge T350, PowerEdge T430, PowerEdge T440, PowerEdge T550, PowerEdge T630, PowerEdge T640, PowerEdge XE2420, PowerEdge XE7420, PowerEdge XE7440, PowerEdge XE8545, PowerEdge XR11, PowerEdge XR12, PowerEdge XR4510c, PowerEdge XR4520c, Dell Storage NX3230, Dell EMC Storage NX3240, Dell Storage NX3330, Dell EMC Storage NX3340, Dell Storage NX430, Dell EMC NX440, Dell EMC XC Core XC7525

Riesgo

Crítico

Soluciones

Para PowerEdge T30 y T40, actualizar a versión 1.11.0
Para el resto de productos, consultar las tablas presentadas por el fabricante en el aviso DSA-2023-134.

Referencias

DSA-2023-183

DSA-2023-134

Contacto

Para más información, cualquier otra incidencia o problema de seguridad, puede ponerse en contacto a través de nuestra dirección de correo csirt@seresco.es