Some article numbers may have changed. If this isn't what you're looking for, try searching all articles. Search articles

DSA-2021-203: Dell EMC Integrated Data Protection Appliance Security Update for Multiple Third-Party Component Vulnerabilities

Table of Contents

Detailed Article

Impact

Details

Affected Products & Remediation

Related Info

Legal Disclaimer

Affected Products

Provide Feedback

Summary: Dell EMC Integrated Data Protection Appliance remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system.

This article applies to This article does not apply to

Check out resources for

Impact

Critical

Details

Third-party Component	CVEs	More information
vSphere 6.7	CVE-2021-21991	https://www.vmware.com/security/advisories/VMSA-2021-0020.html https://www.vmware.com/security/advisories/VMSA-2021-0002 https://www.vmware.com/security/advisories/VMSA-2021-0010.html https://www.vmware.com/security/advisories/VMSA-2021-0014.html https://www.vmware.com/security/advisories/VMSA-2020-0029.html
	CVE-2021-21992
	CVE-2021-21993
	CVE-2021-22005
	CVE-2021-22006
	CVE-2021-22007
	CVE-2021-22008
	CVE-2021-22009
	CVE-2021-22010
	CVE-2021-22011
	CVE-2021-22012
	CVE-2021-22013
	CVE-2021-22014
	CVE-2021-22015
	CVE-2021-22016
	CVE-2021-22017
	CVE-2021-22018
	CVE-2021-22019
	CVE-2021-22020
	CVE-2021-21974
	CVE-2021-21985
	CVE-2021-21986
	CVE-2021-21994
	CVE-2021-21995
	CVE-2020-3999
iDRAC9	CVE-2021-21538	https://www.dell.com/support/manuals/en-us/idrac9-lifecycle-controller-v4.x-series/idrac9_4.40.10.00_rn/release-summary
	CVE-2021-21539
	CVE-2021-21540
	CVE-2021-21541
	CVE-2021-21542
	CVE-2021-21543
	CVE-2021-21544
iDRAC8	CVE-2021-21510	https://www.dell.com/support/kbdoc/en-us/000183758/dsa-2021-041-dell-emc-idrac-8-security-update-for-a-host-header-injection-vulnerability
Appliance Configuration Manager	CVE-2020-25632	See NVD (http://nvd.nist.gov/) for individual scores for each CVE. https://www.suse.com/support/kb/doc/?id=000019892 https://www.oracle.com/security-alerts/cpujan2021.html https://www.oracle.com/security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpuapr2021.html
	CVE-2020-25647
	CVE-2020-27749
	CVE-2020-27779
	CVE-2020-14372
	CVE-2021-20225
	CVE-2021-20233
	CVE-2020-14803
	CVE-2021-2388
	CVE-2021-2369
	CVE-2021-2432
	CVE-2021-2341
	CVE-2021-2161
	CVE-2021-2163
Intel® SGX and Intel® TXT	CVE-2020-8764	INTEL-SA-00390 INTEL-SA-00358 INTEL-SA-00391 INTEL-SA-00381
	CVE-2020-8738
	CVE-2020-8740
	CVE-2020-8739
	CVE-2020-8674
	CVE-2020-8738
	CVE-2020-8740
	CVE-2020-8739
	CVE-2020-0587
	CVE-2020-0588
	CVE-2020-0590
	CVE-2020-0591
	CVE-2020-0592
	CVE-2020-0593
	CVE-2020-8705
	CVE-2020-8755
	CVE-2020-8696

Third-party Component	CVEs	More information
vSphere 6.7	CVE-2021-21991	https://www.vmware.com/security/advisories/VMSA-2021-0020.html https://www.vmware.com/security/advisories/VMSA-2021-0002 https://www.vmware.com/security/advisories/VMSA-2021-0010.html https://www.vmware.com/security/advisories/VMSA-2021-0014.html https://www.vmware.com/security/advisories/VMSA-2020-0029.html
	CVE-2021-21992
	CVE-2021-21993
	CVE-2021-22005
	CVE-2021-22006
	CVE-2021-22007
	CVE-2021-22008
	CVE-2021-22009
	CVE-2021-22010
	CVE-2021-22011
	CVE-2021-22012
	CVE-2021-22013
	CVE-2021-22014
	CVE-2021-22015
	CVE-2021-22016
	CVE-2021-22017
	CVE-2021-22018
	CVE-2021-22019
	CVE-2021-22020
	CVE-2021-21974
	CVE-2021-21985
	CVE-2021-21986
	CVE-2021-21994
	CVE-2021-21995
	CVE-2020-3999
iDRAC9	CVE-2021-21538	https://www.dell.com/support/manuals/en-us/idrac9-lifecycle-controller-v4.x-series/idrac9_4.40.10.00_rn/release-summary
	CVE-2021-21539
	CVE-2021-21540
	CVE-2021-21541
	CVE-2021-21542
	CVE-2021-21543
	CVE-2021-21544
iDRAC8	CVE-2021-21510	https://www.dell.com/support/kbdoc/en-us/000183758/dsa-2021-041-dell-emc-idrac-8-security-update-for-a-host-header-injection-vulnerability
Appliance Configuration Manager	CVE-2020-25632	See NVD (http://nvd.nist.gov/) for individual scores for each CVE. https://www.suse.com/support/kb/doc/?id=000019892 https://www.oracle.com/security-alerts/cpujan2021.html https://www.oracle.com/security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpuapr2021.html
	CVE-2020-25647
	CVE-2020-27749
	CVE-2020-27779
	CVE-2020-14372
	CVE-2021-20225
	CVE-2021-20233
	CVE-2020-14803
	CVE-2021-2388
	CVE-2021-2369
	CVE-2021-2432
	CVE-2021-2341
	CVE-2021-2161
	CVE-2021-2163
Intel® SGX and Intel® TXT	CVE-2020-8764	INTEL-SA-00390 INTEL-SA-00358 INTEL-SA-00391 INTEL-SA-00381
	CVE-2020-8738
	CVE-2020-8740
	CVE-2020-8739
	CVE-2020-8674
	CVE-2020-8738
	CVE-2020-8740
	CVE-2020-8739
	CVE-2020-0587
	CVE-2020-0588
	CVE-2020-0590
	CVE-2020-0591
	CVE-2020-0592
	CVE-2020-0593
	CVE-2020-8705
	CVE-2020-8755
	CVE-2020-8696

Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products & Remediation

Product	Affected Versions	Updated Versions	Link to Update
Dell EMC Integrated Data Protection Appliance	Versions before 2.7	2.7	Link to 2.7 upgrade binary

Product	Affected Versions	Updated Versions	Link to Update
Dell EMC Integrated Data Protection Appliance	Versions before 2.7	2.7	Link to 2.7 upgrade binary

Related Information

Legal Disclaimer

Affected Products

Integrated Data Protection Appliance Family, Integrated Data Protection Appliance Software, Product Security Information

DSA-2021-203: Dell EMC Integrated Data Protection Appliance Security Update for Multiple Third-Party Component Vulnerabilities

Summary: Dell EMC Integrated Data Protection Appliance remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system.

Impact

Details

Affected Products & Remediation

Related Information

Legal Disclaimer

Affected Products

Article Properties

Find answers to your questions from other Dell users

Support Services

Article Properties

Find answers to your questions from other Dell users

Support Services

Welcome

Welcome to Dell

DSA-2021-203: Dell EMC Integrated Data Protection Appliance Security Update for Multiple Third-Party Component Vulnerabilities

Summary: Dell EMC Integrated Data Protection Appliance remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system.

Detailed Article

Impact

Details

Affected Products & Remediation

Related Info

Legal Disclaimer

Affected Products

Impact

Details

Affected Products & Remediation

Related Information

Legal Disclaimer

Affected Products

Article Properties

Find answers to your questions from other Dell users

Support Services

Article Properties

Find answers to your questions from other Dell users

Support Services