Número del artículo: 000001670

DSA-2020-158: Dell EMC VxRail Appliance Security Update for Multiple Third-Party Component Vulnerabilities

Resumen: Dell EMC VxRail remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

Contenido del artículo

Impacto

Critical

Detalles

The components are updated for the following vulnerabilities:

Third-party Component	CVE Number	More information
VMware ESXi 6.7	CVE-2020-3962	VMware ESXi contains Multiple. Patches and updates are available to remediate these vulnerabilities in affected VMware products. For more information, see VMSA-2020-0015
	CVE-2020-3963
	CVE-2020-3964
	CVE-2020-3965
	CVE-2020-3966
	CVE-2020-3967
	CVE-2020-3968
	CVE-2020-3969
	CVE-2020-3970
	CVE-2020-3971
VMware ESXi 6.7	CVE-2020-3960	VMware ESXi contains an out-of-bounds read vulnerability in the NVMe functionality. A malicious actor with local non-administrative access to a virtual machine might be able to read privileged information contained in the memory. For more information, see VMSA-2020-0012 and VMware ESXi 6.7 EP15 Release Notes
SUSE Enterprise Linux Server	CVE-2018-15518	SUSE Enterprise Linux Server 12 SP4 Updates
	CVE-2018-19869
	CVE-2018-19873
	CVE-2019-10216
	CVE-2019-12519
	CVE-2019-12520
	CVE-2019-12524
	CVE-2019-13456
	CVE-2019-14869
	CVE-2019-15681
	CVE-2019-17185
	CVE-2019-19768
	CVE-2019-19770
	CVE-2019-20788
	CVE-2019-9458
	CVE-2020-10018
	CVE-2020-10531
	CVE-2020-11739
	CVE-2020-11741
	CVE-2020-11793
	CVE-2020-11945
	CVE-2020-12059
	CVE-2020-12243
	CVE-2020-12268
	CVE-2020-12387
	CVE-2020-12388
	CVE-2020-12389
	CVE-2020-12393
	CVE-2020-12395
	CVE-2020-13249
	CVE-2020-1711
	CVE-2020-1747
	CVE-2020-1938
	CVE-2020-1967
	CVE-2020-3865
	CVE-2020-3868
	CVE-2020-3899
	CVE-2020-6831
	CVE-2020-7039
	CVE-2020-7211
	CVE-2020-8608
	CVE-2020-8616
	CVE-2020-8617
	CVE-2020-9383

For more information about any of the Common Vulnerabilities and Exposures (CVEs) mentioned here, consult the National Vulnerability Database (NVD) at http://nvd.nist.gov/home.cfm .

To search for a particular CVE, use the database s search utility at http://web.nvd.nist.gov/view/vuln/search

The components are updated for the following vulnerabilities:

Third-party Component	CVE Number	More information
VMware ESXi 6.7	CVE-2020-3962	VMware ESXi contains Multiple. Patches and updates are available to remediate these vulnerabilities in affected VMware products. For more information, see VMSA-2020-0015
	CVE-2020-3963
	CVE-2020-3964
	CVE-2020-3965
	CVE-2020-3966
	CVE-2020-3967
	CVE-2020-3968
	CVE-2020-3969
	CVE-2020-3970
	CVE-2020-3971
VMware ESXi 6.7	CVE-2020-3960	VMware ESXi contains an out-of-bounds read vulnerability in the NVMe functionality. A malicious actor with local non-administrative access to a virtual machine might be able to read privileged information contained in the memory. For more information, see VMSA-2020-0012 and VMware ESXi 6.7 EP15 Release Notes
SUSE Enterprise Linux Server	CVE-2018-15518	SUSE Enterprise Linux Server 12 SP4 Updates
	CVE-2018-19869
	CVE-2018-19873
	CVE-2019-10216
	CVE-2019-12519
	CVE-2019-12520
	CVE-2019-12524
	CVE-2019-13456
	CVE-2019-14869
	CVE-2019-15681
	CVE-2019-17185
	CVE-2019-19768
	CVE-2019-19770
	CVE-2019-20788
	CVE-2019-9458
	CVE-2020-10018
	CVE-2020-10531
	CVE-2020-11739
	CVE-2020-11741
	CVE-2020-11793
	CVE-2020-11945
	CVE-2020-12059
	CVE-2020-12243
	CVE-2020-12268
	CVE-2020-12387
	CVE-2020-12388
	CVE-2020-12389
	CVE-2020-12393
	CVE-2020-12395
	CVE-2020-13249
	CVE-2020-1711
	CVE-2020-1747
	CVE-2020-1938
	CVE-2020-1967
	CVE-2020-3865
	CVE-2020-3868
	CVE-2020-3899
	CVE-2020-6831
	CVE-2020-7039
	CVE-2020-7211
	CVE-2020-8608
	CVE-2020-8616
	CVE-2020-8617
	CVE-2020-9383

Dell Technologies recomienda que todos los clientes tengan en cuenta tanto la puntuación base como cualquier otra puntuación ambiental y temporal relevante que pueda afectar la posible gravedad asociada con la vulnerabilidad de seguridad en particular.

Productos y soluciones comprometidos

Affected products:

Dell EMC VxRail Appliance versions prior to 4.7.511

Remediation:
The following Dell EMC VxRail Appliance release contains a resolution to this vulnerability:

Dell EMC VxRail Appliance version 4.7.511

Dell EMC recommends all customers upgrade at the earliest opportunity.

Affected products:

Dell EMC VxRail Appliance versions prior to 4.7.511

Remediation:
The following Dell EMC VxRail Appliance release contains a resolution to this vulnerability:

Dell EMC VxRail Appliance version 4.7.511

Dell EMC recommends all customers upgrade at the earliest opportunity.

Información relacionada

Información legal

Propiedades del artículo

Producto comprometido

CloudArray Virtual Edition for VxRail Appliance, Product Security Information, VMWare Cloud on Dell EMC VxRail E560F, VMWare Cloud on Dell EMC VxRail E560N, VxRail 460 and 470 Nodes, VxRail Appliance Family, VxRail Appliance Series, VxRail G410 , VxRail G Series Nodes, VxRail D Series Nodes, VxRail D560, VxRail D560F, VxRail E Series Nodes, VxRail E460, VxRail E560, VxRail E560 VCF, VxRail E560F, VxRail E560F VCF, VxRail E560N, VxRail E665F, VxRail E665N, VxRail G560, VxRail G560 VCF, VxRail G560F, VxRail G560F VCF, VxRail Gen2 Hardware, VxRail P Series Nodes, VxRail P470, VxRail P570, VxRail P570 VCF, VxRail P570F, VxRail P570F VCF, VxRail P580N, VxRail P580N VCF, VxRail S Series Nodes, VxRail S470, VxRail S570, VxRail S570 VCF, VxRail Software, VxRail V Series Nodes, VxRail V470, VxRail V570, VxRail V570 VCF, VxRail V570F ...

Fecha de la última publicación

24 nov 2021

Versión

Tipo de artículo

Dell Security Advisory

Volver al principio

Bienvenido

Bienvenido a Dell