DSA-2021-063: Dell Unisphere for PowerMax, Dell Unisphere for PowerMax Virtual Appliance, Dell Solutions Enabler Virtual Appliance, and Dell PowerMax Embedded Management Security Update for Multiple Third-Party Component Vulnerabilities

Summary: Dell Unisphere for PowerMax, Dell Unisphere for PowerMax Virtual Appliance, Dell Solutions Enabler Virtual Appliance, and Dell PowerMax Embedded Management contains remediation for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system. ...

Etkilenen Ürünler

Bu makale şunlar için geçerlidir: Bu makale şunlar için geçerli değildir: Bu makale, belirli bir ürüne bağlı değildir. Bu makalede tüm ürün sürümleri tanımlanmamıştır.

Diğer kaynaklara göz atın

Impact

Critical

Details

Proprietary Code CVE(s)	Description	CVSSBase Score	CVSS Vector String
CVE-2021-21531	Dell Unisphere for PowerMax versions prior to 9.2.1.6 contain an Authorization Bypass Vulnerability. A local authenticated malicious user with monitor role may exploit this vulnerability to perform unauthorized actions.	8.1	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Third-Party Component	CVE(s)	More information
Oracle	CVE-2020-14803	See NVD (http://nvd.nist.gov/) for individual scores for each CVE
Spring Framework	CVE-2020-5421
Spring Framework	CVE-2020-5398
OpenSSL	CVE-2020-1971
Internet Explorer 11	CVE-2020-17053
	CVE-2020-17058
	CVE-2020-17052
Microsoft .NET	CVE-2020-16937
Windows 10	See Windows Advisory for individual CVE IDs

Proprietary Code CVE(s)	Description	CVSSBase Score	CVSS Vector String
CVE-2021-21531	Dell Unisphere for PowerMax versions prior to 9.2.1.6 contain an Authorization Bypass Vulnerability. A local authenticated malicious user with monitor role may exploit this vulnerability to perform unauthorized actions.	8.1	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Third-Party Component	CVE(s)	More information
Oracle	CVE-2020-14803	See NVD (http://nvd.nist.gov/) for individual scores for each CVE
Spring Framework	CVE-2020-5421
Spring Framework	CVE-2020-5398
OpenSSL	CVE-2020-1971
Internet Explorer 11	CVE-2020-17053
	CVE-2020-17058
	CVE-2020-17052
Microsoft .NET	CVE-2020-16937
Windows 10	See Windows Advisory for individual CVE IDs

Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Etkilenen Ürünler ve Düzeltme

Product	Affected Version(s)	Updated Version(s)	Link to Update
Unisphere for PowerMax	Versions prior to 9.1.0.26	9.1.0.26 EEM: 9.1.0.855	https://www.dell.com/support/home/en-us/product-support/product/unisphere-powermax/drivers
Unisphere for PowerMax Virtual Appliance	Versions prior to 9.1.0.26	9.1.0.26 EEM: 9.1.0.855	https://www.dell.com/support/home/en-us/product-support/product/unisphere-powermax/drivers
Unisphere for PowerMax	Versions prior to 9.2.1.6	9.2.1.6 EEM: 9.2.1.184	https://www.dell.com/support/home/en-us/product-support/product/unisphere-powermax/drivers
Unisphere for PowerMax Virtual Appliance	Versions prior to 9.2.1.6	9.2.1.6 EEM: 9.2.1.184	https://www.dell.com/support/home/en-us/product-support/product/unisphere-powermax/drivers
Solutions Enabler	Versions prior to 9.1.0.15	9.1.0.15 EEM: 9.1.0.855	https://www.dell.com/support/home/en-us/product-support/product/solutions-enabler/drivers
Solutions Enabler Virtual Appliance	Versions prior to 9.1.0.15	9.1.0.15 EEM: 9.1.0.855	https://www.dell.com/support/home/en-us/product-support/product/solutions-enabler/drivers
Solutions Enabler	Versions prior to 9.2.1.1	9.2.1.1 EEM: 9.2.1.184	https://www.dell.com/support/home/en-us/product-support/product/solutions-enabler/drivers
Solutions Enabler Virtual Appliance	Versions prior to 9.2.1.1	9.2.1.1 EEM: 9.2.1.184	https://www.dell.com/support/home/en-us/product-support/product/solutions-enabler/drivers
PowerMax OS	5978	5978	Request OPT 579961 for Foxtail SR and Hickory SR

Product	Affected Version(s)	Updated Version(s)	Link to Update
Unisphere for PowerMax	Versions prior to 9.1.0.26	9.1.0.26 EEM: 9.1.0.855	https://www.dell.com/support/home/en-us/product-support/product/unisphere-powermax/drivers
Unisphere for PowerMax Virtual Appliance	Versions prior to 9.1.0.26	9.1.0.26 EEM: 9.1.0.855	https://www.dell.com/support/home/en-us/product-support/product/unisphere-powermax/drivers
Unisphere for PowerMax	Versions prior to 9.2.1.6	9.2.1.6 EEM: 9.2.1.184	https://www.dell.com/support/home/en-us/product-support/product/unisphere-powermax/drivers
Unisphere for PowerMax Virtual Appliance	Versions prior to 9.2.1.6	9.2.1.6 EEM: 9.2.1.184	https://www.dell.com/support/home/en-us/product-support/product/unisphere-powermax/drivers
Solutions Enabler	Versions prior to 9.1.0.15	9.1.0.15 EEM: 9.1.0.855	https://www.dell.com/support/home/en-us/product-support/product/solutions-enabler/drivers
Solutions Enabler Virtual Appliance	Versions prior to 9.1.0.15	9.1.0.15 EEM: 9.1.0.855	https://www.dell.com/support/home/en-us/product-support/product/solutions-enabler/drivers
Solutions Enabler	Versions prior to 9.2.1.1	9.2.1.1 EEM: 9.2.1.184	https://www.dell.com/support/home/en-us/product-support/product/solutions-enabler/drivers
Solutions Enabler Virtual Appliance	Versions prior to 9.2.1.1	9.2.1.1 EEM: 9.2.1.184	https://www.dell.com/support/home/en-us/product-support/product/solutions-enabler/drivers
PowerMax OS	5978	5978	Request OPT 579961 for Foxtail SR and Hickory SR

Revision History

Revision	Date	Description
1.0	2021-03-24	Q1 2021 Security Release for PowerMax Foxtail SR and Hickory SR releases.

Related Information

Yasal Uyarı

Etkilenen Ürünler

Product Security Information, Solutions Enabler, Unisphere for PowerMax

Article Number: 000184565

Article Type: Dell Security Advisory

Son Değiştirme: 25 Mar 2021

Aygıtınızın Destek Hizmetleri kapsamında olup olmadığını kontrol edin.

DSA-2021-063: Dell Unisphere for PowerMax, Dell Unisphere for PowerMax Virtual Appliance, Dell Solutions Enabler Virtual Appliance, and Dell PowerMax Embedded Management Security Update for Multiple Third-Party Component Vulnerabilities

Impact

Details

Etkilenen Ürünler ve Düzeltme

Revision History

İlgili Bilgiler

Yasal Uyarı

Etkilenen Ürünler

Impact

Details

Etkilenen Ürünler ve Düzeltme

Revision History

Related Information

Yasal Uyarı

Etkilenen Ürünler

Makale Özellikleri

Sorularınıza diğer Dell kullanıcılarından yanıtlar bulun

Destek Hizmetleri

Makale Özellikleri

Sorularınıza diğer Dell kullanıcılarından yanıtlar bulun

Destek Hizmetleri

DSA-2021-063: Dell Unisphere for PowerMax, Dell Unisphere for PowerMax Virtual Appliance, Dell Solutions Enabler Virtual Appliance, and Dell PowerMax Embedded Management Security Update for Multiple Third-Party Component Vulnerabilities

Ayrıntılı Makale

Impact

Details

Etkilenen Ürünler ve Düzeltme

Revision History

İlgili Bilgiler

Yasal Uyarı

Etkilenen Ürünler

Impact

Details

Etkilenen Ürünler ve Düzeltme

Revision History

Related Information

Yasal Uyarı

Etkilenen Ürünler

Makale Özellikleri

Sorularınıza diğer Dell kullanıcılarından yanıtlar bulun

Destek Hizmetleri

Makale Özellikleri

Sorularınıza diğer Dell kullanıcılarından yanıtlar bulun

Destek Hizmetleri