Dell security advisory (AV26-619)
Analysis Summary
# Vulnerability: Multiple Vulnerabilities in Dell Storage and Infrastructure Products
## CVE Details
*Note: The primary source document (AV26-619) serves as a consolidated bulletin. Specific CVE IDs are contained within the individual Dell advisories linked in the reference section.*
- **CVE ID:** Multiple (Refer to Dell Security Portal)
- **CVSS Score:** Cumulative Risk: High
- **CWE:** Varies by product (includes Input Validation, Authentication Bypass, and Resource Management issues typical of these product suites)
## Affected Systems
- **Products:**
  - Dell Container Storage Modules
  - Dell Data Protection Central
  - Dell PowerFlex (Software and Custom Nodes)
  - Dell Private Cloud - Red Hat
  - Dell VxFlex Ready Node
  - Dell VxRail Appliance
  - PowerProtect DB
- **Versions:**
  - **Container Storage Modules:** Multiple versions
  - **Data Protection Central:** 19.10 to 19.12 (with OS Update prior to dpc-osupdate-1.1.27-1)
  - **PowerFlex Software:** Prior to 4.5.5.2 and 5.1.0.1
  - **Private Cloud - Red Hat:** Prior to 01.04.00.00
  - **VxFlex Ready Node:** Prior to 2.25.0
  - **VxRail Appliance:** Prior to 9.1.000
  - **PowerProtect DB:** Prior to 2.7.9
- **Configurations:** Systems utilizing outdated OS update packages (specifically dpc-osupdate) are at heightened risk.
## Vulnerability Description
This advisory covers a suite of security updates addressing various flaws across Dell's enterprise storage and cloud infrastructure. Based on the product types, these vulnerabilities typically involve underlying OS component flaws (addressed via the `dpc-osupdate` package), potential privilege escalation within container modules, and unauthorized access risks in software-defined storage (PowerFlex/VxRail).
## Exploitation
- **Status:** Not currently reported as exploited in the wild (refer to individual vendor CVE tracking).
- **Complexity:** Low to Medium
- **Attack Vector:** Primarily Network (for management interfaces) and Local (for container modules).
## Impact
- **Confidentiality:** High
- **Integrity:** High
- **Availability:** High
## Remediation
### Patches
Dell recommends upgrading to the following versions or higher:
- **Dell PowerFlex Software:** 4.5.5.2 or 5.1.0.1
- **Dell Private Cloud - Red Hat:** 01.04.00.00
- **Dell VxFlex Ready Node:** 2.25.0
- **Dell VxRail Appliance:** 9.1.000
- **OS Update Components:** Apply `dpc-osupdate-1.1.27-1` or later for Data Protection Central and PowerProtect DB.
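
The version thresholds listed on this page can be checked against an asset inventory. The following is an added example, not code from Dell or the Cyber Centre; host names and installed versions are constructed, and reading the two PowerFlex fixed releases as per-branch minimums (4.5.x and 5.1.x) is an assumption.

```python
import re

# Fixed releases as listed on this page (Affected Systems and Patches sections).
# Treating the two PowerFlex entries as per-branch minimums is an assumption.
FIXED = {
    "PowerFlex Software": ["4.5.5.2", "5.1.0.1"],
    "Private Cloud - Red Hat": ["01.04.00.00"],
    "VxFlex Ready Node": ["2.25.0"],
    "VxRail Appliance": ["9.1.000"],
    "PowerProtect DB": ["2.7.9"],
    "dpc-osupdate": ["1.1.27-1"],
}

INVENTORY = [  # constructed sample rows: (host, product, installed version)
    ("pflex-mgmt-01", "PowerFlex Software", "4.5.4.0"),
    ("pflex-mgmt-02", "PowerFlex Software", "5.1.0.1"),
    ("ready-node-3", "VxFlex Ready Node", "2.9.0"),
    ("dpc-01", "dpc-osupdate", "dpc-osupdate-1.1.26-1"),
    ("csm-01", "Container Storage Modules", "1.0.0"),
]

def parse(version):
    """'dpc-osupdate-1.1.27-1' -> (1, 1, 27, 1); raises ValueError on non-numeric parts."""
    digits = re.sub(r"^\D*", "", version.strip())
    return tuple(int(part) for part in re.split(r"[.-]", digits))

def older(a, b):
    """Numeric comparison with zero padding, so 9.1 == 9.1.000 and 2.9.0 < 2.25.0."""
    width = max(len(a), len(b))
    return a + (0,) * (width - len(a)) < b + (0,) * (width - len(b))

def status(product, installed):
    if product not in FIXED:
        return "UNKNOWN"      # no fixed version for this product on this page
    try:
        have = parse(installed)
    except ValueError:
        return "UNKNOWN"      # unparseable version string: review by hand
    floors = sorted(parse(f) for f in FIXED[product])
    # Use the fixed release on the same major branch; otherwise the highest one.
    same_branch = [f for f in floors if f[0] == have[0]]
    floor = same_branch[0] if same_branch else floors[-1]
    return "VULNERABLE" if older(have, floor) else "PATCHED"

def audit(rows):
    return [(host, product, ver, status(product, ver)) for host, product, ver in rows]

if __name__ == "__main__":
    for row in audit(INVENTORY):
        print(*row, sep="\t")
```

Rows reported as `UNKNOWN` need the product-specific Dell advisory, since this bulletin gives no fixed version for them.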
### Workarounds
- Ensure management interfaces for PowerFlex and VxRail are isolated on dedicated, restricted out-of-band (OOB) management networks.
- Restrict access to Container Storage Modules to authorized Kubernetes/OpenShift administrators only.
## Detection
- **Indicators of Compromise:** Unusual administrative logins, unexpected modification of storage volumes, or unauthorized container orchestration activities.
- **Detection methods and tools:** Monitor Dell SupportAssist logs, and integrate with a SIEM to flag unusual API calls to VxRail or PowerFlex management endpoints.
## References
- Dell Security Advisories Portal: hxxps[://]www[.]dell[.]com/support/security/en-ca
- Cyber Centre Bulletin: hxxps[://]www[.]cyber[.]gc[.]ca/fr/alertes-avis/bulletin-securite-dell-av26-619