Article Number: 000153792
Critical
Summary:
Multiple embedded components within Dell EMC Unisphere Central require security updates to address various vulnerabilities.
The embedded components have been updated to remediate the following vulnerabilities:
curl
CVE-2016-7167 CVE-2016-8615 CVE-2016-8616 CVE-2016-8617
CVE-2016-8618 CVE-2016-8619 CVE-2016-8620 CVE-2016-8621
CVE-2016-8622 CVE-2016-8623 CVE-2016-8624 CVE-2016-9586
CVE-2017-7407 CVE-2017-1000100 CVE-2017-1000254 CVE-2018-1000007
CVE-2018-1000120 CVE-2018-1000121 CVE-2018-1000122 CVE-2018-1000301
CVE-2018-14618 CVE-2018-16840 CVE-2018-16842
glibc
CVE-2015-5180 CVE-2017-12133 CVE-2017-15670 CVE-2017-15671
CVE-2017-15804 CVE-2018-11236
OpenSSL
CVE-2017-0739
For more information about the Common Vulnerability and Exposure (CVE) mentioned here, consult the National Vulnerability Database (NVD) at http://nvd.nist.gov/home.cfm.
To search for a particular CVE, use the database s search utility at http://web.nvd.nist.gov/view/vuln/search.
The embedded components have been updated to remediate the following vulnerabilities:
curl
CVE-2016-7167 CVE-2016-8615 CVE-2016-8616 CVE-2016-8617
CVE-2016-8618 CVE-2016-8619 CVE-2016-8620 CVE-2016-8621
CVE-2016-8622 CVE-2016-8623 CVE-2016-8624 CVE-2016-9586
CVE-2017-7407 CVE-2017-1000100 CVE-2017-1000254 CVE-2018-1000007
CVE-2018-1000120 CVE-2018-1000121 CVE-2018-1000122 CVE-2018-1000301
CVE-2018-14618 CVE-2018-16840 CVE-2018-16842
glibc
CVE-2015-5180 CVE-2017-12133 CVE-2017-15670 CVE-2017-15671
CVE-2017-15804 CVE-2018-11236
OpenSSL
CVE-2017-0739
For more information about the Common Vulnerability and Exposure (CVE) mentioned here, consult the National Vulnerability Database (NVD) at http://nvd.nist.gov/home.cfm.
To search for a particular CVE, use the database s search utility at http://web.nvd.nist.gov/view/vuln/search.
Affected products:
Dell EMC Unisphere Central versions prior to 4.0.8.23220
Remediation:
The following Dell EMC Unisphere Central release addresses these vulnerabilities:
Dell EMC Unisphere Central 4.0.8.23220 (4.0 SP8)
Dell EMC recommends all customers upgrade at the earliest opportunity.
Link to Remedies:
Registered Dell EMC Support customers can download Unisphere Central software from the Dell EMC Online Support web site at: https://support.emc.com/downloads/28224_Unisphere-Central
Affected products:
Dell EMC Unisphere Central versions prior to 4.0.8.23220
Remediation:
The following Dell EMC Unisphere Central release addresses these vulnerabilities:
Dell EMC Unisphere Central 4.0.8.23220 (4.0 SP8)
Dell EMC recommends all customers upgrade at the earliest opportunity.
Link to Remedies:
Registered Dell EMC Support customers can download Unisphere Central software from the Dell EMC Online Support web site at: https://support.emc.com/downloads/28224_Unisphere-Central
Unisphere Central
Product Security Information, Unisphere Central
22 May 2021
4
Dell Security Advisory