Skip to main content
Sign Out

Welcome to Dell

My Account
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.
Sign In Create an Account Dell Financial Services Premier Sign In Partner Program Sign In
Contact Us

Your Dell.com Carts

Article Number: 000153611

DSA-2020-012: VxRail Security Update for VMware ESXi denial-of-service vulnerability

Summary: VMware ESXi contains a denial-of-service vulnerability in VxRail, which requires a security update to address it.

Article Content

Impact

Medium

Details

Summary:    
VMware ESXi contains a denial-of-service vulnerability in VxRail, which requires a security update to address it.

VMware ESXi is an embedded management platform used in VxRail.

Successful exploitation of this issue may allow attackers with normal user privileges to create a denial-of-service condition on their own VM.

VMware ESXi is updated to address the following vulnerability:    

  • CVE-2019-5536
    6.5 (AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

The workaround for this issue involves disabling the 3D-acceleration feature. See VMware Security Advisory for more information.  

VMware ESXi is an embedded management platform used in VxRail.

Successful exploitation of this issue may allow attackers with normal user privileges to create a denial-of-service condition on their own VM.

VMware ESXi is updated to address the following vulnerability:    

  • CVE-2019-5536
    6.5 (AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

The workaround for this issue involves disabling the 3D-acceleration feature. See VMware Security Advisory for more information.  

Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products and Remediation

Affected Products:   

  • VxRail 4.0.x version Not affected

  • VxRail 4.5.x versions prior to 4.5.401 affected

  • VxRail 4.7.x versions prior to 4.7.301 affected

Remediation:
Dell EMC recommends all impacted customers upgrade to VxRail 4.5.401+ or VxRail 4.7.301+ at the earliest opportunity.

https://support.emc.com/docu91467_VxRail-Appliance-Software-4.7.x-Release-Notes.pdf?language=en_US

https://support.emc.com/docu86659_VxRail-Appliance-Software-4.5.x-Release-Notes.pdf?language=en_US


Affected Products:   

  • VxRail 4.0.x version Not affected

  • VxRail 4.5.x versions prior to 4.5.401 affected

  • VxRail 4.7.x versions prior to 4.7.301 affected

Remediation:
Dell EMC recommends all impacted customers upgrade to VxRail 4.5.401+ or VxRail 4.7.301+ at the earliest opportunity.

https://support.emc.com/docu91467_VxRail-Appliance-Software-4.7.x-Release-Notes.pdf?language=en_US

https://support.emc.com/docu86659_VxRail-Appliance-Software-4.5.x-Release-Notes.pdf?language=en_US


Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Legal Information

Article Properties

Affected Product
CloudArray Virtual Edition for VxRail Appliance, VMWare Cloud on Dell EMC VxRail E560F, VMWare Cloud on Dell EMC VxRail E560N, VxRail 460 and 470 Nodes, VxRail Appliance Family, VxRail Appliance Series, VxRail G410, VxRail G Series Nodes , VxRail E Series Nodes, VxRail E460, VxRail E560, VxRail E560 VCF, VxRail E560F, VxRail E560F VCF, VxRail E560N, VxRail E560N VCF, VxRail G560, VxRail G560 VCF, VxRail G560F, VxRail G560F VCF, VxRail Gen2 Hardware, VxRail P Series Nodes, VxRail P470, VxRail P570, VxRail P570 VCF, VxRail P570F, VxRail P570F VCF, VxRail P580N, VxRail P580N VCF, VxRail S Series Nodes, VxRail S470, VxRail S570, VxRail S570 VCF, VxRail Software, VxRail V Series Nodes, VxRail V470, VxRail V570, VxRail V570 VCF, VxRail V570F, VxRail V570F VCF ...
Last Published Date

13 Oct 2021

Version

5

Article Type

Dell Security Advisory

Back to Top