Skip to main content
Sign Out

Welcome to Dell

My Account
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.
Sign In Create an Account Dell Financial Services Partner Program Sign In
Contact Us

Your Dell.com Carts

Some article numbers may have changed. If this isn't what you're looking for, try searching all articles. Search articles

Article Number: 000180936

DSA-2020-231: Dell EMC Integrated Data Protection Appliance Security Update for Multiple Third-Party Component Vulnerabilities

Article Content

Impact

Critical

Details

Multiple components within Dell EMC Integrated Data Protection Appliance require a security update to address various vulnerabilities. 

Third-party Component CVE(s) More information
ESXi CVE-2020-3962 See NVD (http://nvd.nist.gov/) for individual scores for each CVE.
CVE-2020-3969
CVE-2020-3970
CVE-2020-3967
CVE-2020-3968
CVE-2020-3967
CVE-2020-3968
CVE-2020-3966
vCenter See link: VMware vCenter Server 6.7 Update
Oracle Critical Patch Update Advisory - July 2020 See link: Oracle July 2020 CPU  

For more information about any of the Common Vulnerabilities and Exposures (CVEs) mentioned here, consult the National Vulnerability Database (NVD) at http://nvd.nist.gov/home.cfm.

To search for a particular CVE, use the database s search utility at http://web.nvd.nist.gov/view/vuln/search.
Third-party Component CVE(s) More information
ESXi CVE-2020-3962 See NVD (http://nvd.nist.gov/) for individual scores for each CVE.
CVE-2020-3969
CVE-2020-3970
CVE-2020-3967
CVE-2020-3968
CVE-2020-3967
CVE-2020-3968
CVE-2020-3966
vCenter See link: VMware vCenter Server 6.7 Update
Oracle Critical Patch Update Advisory - July 2020 See link: Oracle July 2020 CPU  

For more information about any of the Common Vulnerabilities and Exposures (CVEs) mentioned here, consult the National Vulnerability Database (NVD) at http://nvd.nist.gov/home.cfm.

To search for a particular CVE, use the database s search utility at http://web.nvd.nist.gov/view/vuln/search.
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products and Remediation

Affected products:       
Dell EMC Integrated Data Protection Appliance 2.0, 2.1, 2.2, 2.3, 2.4, and 2.5


Remediation:     
The following Dell EMC Integrated Data Protection Appliance release addresses these vulnerabilities:     

  • Dell EMC Integrated Data Protection Appliance 2.6

For DP4400 appliance:    
https://dl.dell.com/downloads/DL100334_IDPA-2.6-Upgrade-for-IDPA-DP4400-Appliance.gz

For DP5x and DP8x appliances:     
https://dl.dell.com/downloads/DL100355_IDPA-2.6-Upgrade-for-IDPA-DP-5xxx-8xxx-Appliances.gz

Upgrade paths to version 2.6 for previous IDPA versions:     
2.0 > 2.1 > 2.3.1 > 2.6
2.1 or 2.2 > 2.3.1 > 2.6
2.3.x or 2.4.x or 2.5 > 2.6

Dell recommends all customers upgrade at the earliest opportunity.



Affected products:       
Dell EMC Integrated Data Protection Appliance 2.0, 2.1, 2.2, 2.3, 2.4, and 2.5


Remediation:     
The following Dell EMC Integrated Data Protection Appliance release addresses these vulnerabilities:     

  • Dell EMC Integrated Data Protection Appliance 2.6

For DP4400 appliance:    
https://dl.dell.com/downloads/DL100334_IDPA-2.6-Upgrade-for-IDPA-DP4400-Appliance.gz

For DP5x and DP8x appliances:     
https://dl.dell.com/downloads/DL100355_IDPA-2.6-Upgrade-for-IDPA-DP-5xxx-8xxx-Appliances.gz

Upgrade paths to version 2.6 for previous IDPA versions:     
2.0 > 2.1 > 2.3.1 > 2.6
2.1 or 2.2 > 2.3.1 > 2.6
2.3.x or 2.4.x or 2.5 > 2.6

Dell recommends all customers upgrade at the earliest opportunity.



Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Legal Information

Article Properties

Affected Product

Integrated Data Protection Appliance Family

Product
PowerProtect DP4400, PowerProtect DP5300, PowerProtect DP5800, PowerProtect DP8300, PowerProtect DP8800, PowerProtect Data Protection Software, Integrated Data Protection Appliance Family, PowerProtect Data Protection Hardware , Integrated Data Protection Appliance Software ...
Last Published Date

22 May 2021

Version

3

Article Type

Dell Security Advisory

Back to Top