メイン コンテンツに進む
ログアウト

Dellへようこそ

マイアカウント
  • すばやく簡単に注文します
  • 注文を表示して配送状況を追跡します
  • 会員限定の特典や割引の利用
  • 製品リストの作成とアクセス
  • 「Company Administration(会社情報の管理)」では、お使いのDell EMCのサイトや製品、製品レベルでのコンタクト先に関する情報を管理できます。
ログイン アカウントの新規作成 プレミアログイン パートナー プログラム サインイン
お問い合わせ

Dell.comカート

文書番号: 000001670

DSA-2020-158: Dell EMC VxRail Appliance Security Update for Multiple Third-Party Component Vulnerabilities

概要: Dell EMC VxRail remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

文書の内容

影響

Critical

詳細

NA

The components are updated for the following vulnerabilities:    

Third-party Component CVE Number More information
VMware ESXi 6.7 CVE-2020-3962 VMware ESXi contains Multiple. Patches and updates are available to remediate these vulnerabilities in affected VMware products.
For more information, see VMSA-2020-0015
 
CVE-2020-3963
CVE-2020-3964
CVE-2020-3965
CVE-2020-3966
CVE-2020-3967
CVE-2020-3968
CVE-2020-3969
CVE-2020-3970
CVE-2020-3971
VMware ESXi 6.7 CVE-2020-3960 VMware ESXi contains an out-of-bounds read vulnerability in the NVMe functionality. A malicious actor with local non-administrative access to a virtual machine might be able to read privileged information contained in the memory. For more information, see VMSA-2020-0012 and VMware ESXi 6.7 EP15 Release Notes
SUSE Enterprise Linux Server CVE-2018-15518 SUSE Enterprise Linux Server 12 SP4 Updates
CVE-2018-19869
CVE-2018-19873
CVE-2019-10216
CVE-2019-12519
CVE-2019-12520
CVE-2019-12524
CVE-2019-13456
CVE-2019-14869
CVE-2019-15681
CVE-2019-17185
CVE-2019-19768
CVE-2019-19770
CVE-2019-20788
CVE-2019-9458
CVE-2020-10018
CVE-2020-10531
CVE-2020-11739
CVE-2020-11741
CVE-2020-11793
CVE-2020-11945
CVE-2020-12059
CVE-2020-12243
CVE-2020-12268
CVE-2020-12387
CVE-2020-12388
CVE-2020-12389
CVE-2020-12393
CVE-2020-12395
CVE-2020-13249
CVE-2020-1711
CVE-2020-1747
CVE-2020-1938
CVE-2020-1967
CVE-2020-3865
CVE-2020-3868
CVE-2020-3899
CVE-2020-6831
CVE-2020-7039
CVE-2020-7211
CVE-2020-8608
CVE-2020-8616
CVE-2020-8617
CVE-2020-9383


For more information about any of the Common Vulnerabilities and Exposures (CVEs) mentioned here, consult the National Vulnerability Database (NVD) at http://nvd.nist.gov/home.cfm .  

To search for a particular CVE, use the database s search utility at http://web.nvd.nist.gov/view/vuln/search

The components are updated for the following vulnerabilities:    

Third-party Component CVE Number More information
VMware ESXi 6.7 CVE-2020-3962 VMware ESXi contains Multiple. Patches and updates are available to remediate these vulnerabilities in affected VMware products.
For more information, see VMSA-2020-0015
 
CVE-2020-3963
CVE-2020-3964
CVE-2020-3965
CVE-2020-3966
CVE-2020-3967
CVE-2020-3968
CVE-2020-3969
CVE-2020-3970
CVE-2020-3971
VMware ESXi 6.7 CVE-2020-3960 VMware ESXi contains an out-of-bounds read vulnerability in the NVMe functionality. A malicious actor with local non-administrative access to a virtual machine might be able to read privileged information contained in the memory. For more information, see VMSA-2020-0012 and VMware ESXi 6.7 EP15 Release Notes
SUSE Enterprise Linux Server CVE-2018-15518 SUSE Enterprise Linux Server 12 SP4 Updates
CVE-2018-19869
CVE-2018-19873
CVE-2019-10216
CVE-2019-12519
CVE-2019-12520
CVE-2019-12524
CVE-2019-13456
CVE-2019-14869
CVE-2019-15681
CVE-2019-17185
CVE-2019-19768
CVE-2019-19770
CVE-2019-20788
CVE-2019-9458
CVE-2020-10018
CVE-2020-10531
CVE-2020-11739
CVE-2020-11741
CVE-2020-11793
CVE-2020-11945
CVE-2020-12059
CVE-2020-12243
CVE-2020-12268
CVE-2020-12387
CVE-2020-12388
CVE-2020-12389
CVE-2020-12393
CVE-2020-12395
CVE-2020-13249
CVE-2020-1711
CVE-2020-1747
CVE-2020-1938
CVE-2020-1967
CVE-2020-3865
CVE-2020-3868
CVE-2020-3899
CVE-2020-6831
CVE-2020-7039
CVE-2020-7211
CVE-2020-8608
CVE-2020-8616
CVE-2020-8617
CVE-2020-9383


For more information about any of the Common Vulnerabilities and Exposures (CVEs) mentioned here, consult the National Vulnerability Database (NVD) at http://nvd.nist.gov/home.cfm .  

To search for a particular CVE, use the database s search utility at http://web.nvd.nist.gov/view/vuln/search

デル・テクノロジーズでは、すべてのお客様に対して、CVSSベース スコアに加えて、特定のセキュリティの脆弱性に付随する潜在的な重要度に影響する可能性のある現状スコアや環境スコアも考慮することをお勧めしています。

影響を受ける製品と修復

Affected products:   

  • Dell EMC VxRail Appliance versions prior to 4.7.511


Remediation:
The following Dell EMC VxRail Appliance release contains a resolution to this vulnerability:

  • Dell EMC VxRail Appliance version 4.7.511

Dell EMC recommends all customers upgrade at the earliest opportunity.


Affected products:   

  • Dell EMC VxRail Appliance versions prior to 4.7.511


Remediation:
The following Dell EMC VxRail Appliance release contains a resolution to this vulnerability:

  • Dell EMC VxRail Appliance version 4.7.511

Dell EMC recommends all customers upgrade at the earliest opportunity.


関連情報

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

法的情報

文書のプロパティ

影響を受ける製品
CloudArray Virtual Edition for VxRail Appliance, Product Security Information, VMWare Cloud on Dell EMC VxRail E560F, VMWare Cloud on Dell EMC VxRail E560N, VxRail 460 and 470 Nodes, VxRail Appliance Family, VxRail Appliance Series, VxRail G410 , VxRail G Series Nodes, VxRail D Series Nodes, VxRail D560, VxRail D560F, VxRail E Series Nodes, VxRail E460, VxRail E560, VxRail E560 VCF, VxRail E560F, VxRail E560F VCF, VxRail E560N, VxRail E665F, VxRail E665N, VxRail G560, VxRail G560 VCF, VxRail G560F, VxRail G560F VCF, VxRail Gen2 Hardware, VxRail P Series Nodes, VxRail P470, VxRail P570, VxRail P570 VCF, VxRail P570F, VxRail P570F VCF, VxRail P580N, VxRail P580N VCF, VxRail S Series Nodes, VxRail S470, VxRail S570, VxRail S570 VCF, VxRail Software, VxRail V Series Nodes, VxRail V470, VxRail V570, VxRail V570 VCF, VxRail V570F ...
最後に公開された日付

24 11月 2021

バージョン

5

文書の種類

Dell Security Advisory

トップに戻る