Security Update for Dell iDRAC and Firmware (MINDBREEZE32328)

ID: MINDBREEZE32328 
Affected Components: Mindbreeze InSpire SaaS, Mindbreeze InSpire  
Severity: 8.1 High 
Status: Final 
First published: October 10, 2024 
CVEs: CVE-2024-6387, CVE-2024-22374, CVE-2024-24853, CVE-2024-24980 

Summary

• iDRAC: Possible RCE in OpenSSH
• Potential security vulnerability in some Intel® Xeon Processors may allow denial of service
• Potential security vulnerability in SMI Transfer monitor (STM) may allow escalation of privilege

• Potential security vulnerability in some 3rd, 4th, and 5th Generation Intel® Xeon® Processors may allow escalation of privilege

   

Hotfix Information 

Fixed with following versions of Mindbreeze InSpire On-Premises or Mindbreeze InSpire SaaS: 

• Mindbreeze InSpire Release 24.6 
• Mindbreeze InSpire SaaS Release 24.6