Unsolved

Closed

April 20th, 2023 12:00

PowerEdge R320 iDRAC7 OpenSSH Vulnerabilities

Our Vulscanner has flagged our iDRAC7 with many OpenSSH vulnerabilities. While our iDRAC7 does need a firmware update, I was hoping to get information on these vulnerabilities to confirm if these are the real deal. I haven't been able to track too much information down regarding these vulnerabilities affecting the iDRAC7. I appreciate any feedback/knowledge on this issue!

Here are some vulnerabilities that are being flagged:

  • CVE-2015-6564
  • CVE-2016-0777
  • CVE-2015-8325
  • CVE-2016-6515
  • CVE-2016-10009
  • CVE-2016-3115
  • CVE-2016-0800
  • CVE-2014-2653
  • CVE-2016-1907

There are plenty more where that came from, unfortunately, all of which involve some sort of OpenSSH vulnerability (privilege escalation, DoS, weak encryption algorithms, user enumeration, security bypass, Xauth injection, client information leak, etc.).

Our PowerEdge R530 iDRAC8 is also experiencing similar OpenSSH vulnerabilities.

Would appreciate the help on this!

No Responses!