Skip to main content
Sign Out

Welcome to Dell

My Account
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
Sign In Create an Account Dell Financial Services Premier Sign In Partner Program Sign In
Contact Us

Your Dell.com Carts

Some article numbers may have changed. If this isn't what you're looking for, try searching all articles. Search articles

DSA-2021-195: Dell EMC Data Protection Central Security and Dell EMC PowerProtect Data Protection Update for Multiple Third-Party Component Vulnerabilities

Summary: Dell EMC Data Protection Central and Dell EMC PowerProtect Data Protection remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system. ...

This article applies to   This article does not apply to 
Check out resources for

Impact

Critical

Details

SP2-based systems
SuSE is not distributing updates for SLES 12 SP2 any longer.

SP5-based systems
Third-party Component CVEs More Information
libsystemd0=228-157.30.1
libudev1=228-157.30.1
systemd-bash-completion=228-157.30.1
systemd-sysvinit=228-157.30.1
systemd=228-157.30.1
udev=228-157.30.1		 CVE-2021-33910 See NVD (http://nvd.nist.gov/) for individual scores for each CVE.
runc=1.0.0~rc93-16.11.1 CVE-2016-9962
CVE-2018-16873
CVE-2018-16874
CVE-2018-16875
CVE-2019-16884
CVE-2019-19921
CVE-2019-5736
CVE-2021-30465
containerd=1.4.4-16.42.1 CVE-2016-9962
CVE-2018-16873
CVE-2018-16874
CVE-2018-16875
CVE-2019-5736
CVE-2020-15157
CVE-2020-15257
CVE-2021-21334
CVE-2021-32760
libpcre2-8-0=10.34-1.3.1 CVE-2015-2326
CVE-2017-7186
CVE-2017-8786
dbus-1=1.8.22-35.2
libdbus-1-3=1.8.22-35.2		 CVE-2019-12749
CVE-2020-12049
CVE-2020-35512
cpio-lang=2.11-36.15.1
cpio=2.11-36.15.1		 CVE-2021-38185
kernel-default=4.12.14-122.83.1 CVE-2019-25045
CVE-2020-0429
CVE-2020-24588
CVE-2020-26558
CVE-2020-36385
CVE-2020-36386
CVE-2021-0129
CVE-2021-0512
CVE-2021-0605
CVE-2021-22543
CVE-2021-22555
CVE-2021-33624
CVE-2021-33909
CVE-2021-34693
CVE-2021-3609
CVE-2021-3612
CVE-2021-3659
CVE-2021-37576
libmspack0=0.4-15.10.1 CVE-2018-14681
CVE-2018-14682
glibc-i18ndata=2.22-114.12.1
glibc-locale=2.22-114.12.1
glibc=2.22-114.12.1		 CVE-2016-10228
CVE-2021-35942
rsync=3.1.3-1.19 CVE-2011-1097
CVE-2014-2855
CVE-2014-8242
CVE-2014-9512
CVE-2017-16548
CVE-2017-17433
CVE-2017-17434
CVE-2018-5764
git-core=2.26.2-27.46.4 CVE-2005-4900
CVE-2011-2186
CVE-2014-9390
CVE-2016-2315
CVE-2016-2324
CVE-2017-1000117
CVE-2017-14867
CVE-2017-15298
CVE-2017-8386
CVE-2018-11233
CVE-2018-11235
CVE-2018-17456
CVE-2018-19486
CVE-2019-1348
CVE-2019-1349
CVE-2019-1351
CVE-2019-1353
CVE-2019-19604
CVE-2020-11008
CVE-2021-21300
java-1_8_0-openjdk-headless=1.8.0.302-27.63.2
java-1_8_0-openjdk=1.8.0.302-27.63.2		 CVE-2020-14556
CVE-2020-14577
CVE-2020-14578
CVE-2020-14579
CVE-2020-14581
CVE-2020-14583
CVE-2020-14593
CVE-2020-14621
CVE-2020-14779
CVE-2020-14781
CVE-2020-14782
CVE-2020-14792
CVE-2020-14796
CVE-2020-14797
CVE-2020-14798
CVE-2020-14803
CVE-2021-2161
CVE-2021-2163
CVE-2021-2341
CVE-2021-2369
CVE-2021-2388
docker=20.10.6_ce-98.66.1 CVE-2014-3499
CVE-2014-5277
CVE-2014-6407
CVE-2014-6408
CVE-2014-8178
CVE-2014-8179
CVE-2014-9356
CVE-2014-9357
CVE-2014-9358
CVE-2015-3627
CVE-2015-3629
CVE-2015-3630
CVE-2015-3631
CVE-2016-3697
CVE-2016-8867
CVE-2016-9962
CVE-2017-14992
CVE-2017-16539
CVE-2018-10892
CVE-2018-15664
CVE-2018-16873
CVE-2018-16874
CVE-2018-16875
CVE-2018-20699
CVE-2019-13509
CVE-2019-14271
CVE-2020-13401
CVE-2020-15257
CVE-2021-21284
libsndfile1=1.0.25-36.23.1 CVE-2018-19432
CVE-2018-19758
CVE-2021-3246
curl=7.60.0-11.23.1
libcurl4=7.60.0-11.23.1		 CVE-2021-22922
CVE-2021-22923
CVE-2021-22924
CVE-2021-22925
SP2-based systems
SuSE is not distributing updates for SLES 12 SP2 any longer.

SP5-based systems
Third-party Component CVEs More Information
libsystemd0=228-157.30.1
libudev1=228-157.30.1
systemd-bash-completion=228-157.30.1
systemd-sysvinit=228-157.30.1
systemd=228-157.30.1
udev=228-157.30.1		 CVE-2021-33910 See NVD (http://nvd.nist.gov/) for individual scores for each CVE.
runc=1.0.0~rc93-16.11.1 CVE-2016-9962
CVE-2018-16873
CVE-2018-16874
CVE-2018-16875
CVE-2019-16884
CVE-2019-19921
CVE-2019-5736
CVE-2021-30465
containerd=1.4.4-16.42.1 CVE-2016-9962
CVE-2018-16873
CVE-2018-16874
CVE-2018-16875
CVE-2019-5736
CVE-2020-15157
CVE-2020-15257
CVE-2021-21334
CVE-2021-32760
libpcre2-8-0=10.34-1.3.1 CVE-2015-2326
CVE-2017-7186
CVE-2017-8786
dbus-1=1.8.22-35.2
libdbus-1-3=1.8.22-35.2		 CVE-2019-12749
CVE-2020-12049
CVE-2020-35512
cpio-lang=2.11-36.15.1
cpio=2.11-36.15.1		 CVE-2021-38185
kernel-default=4.12.14-122.83.1 CVE-2019-25045
CVE-2020-0429
CVE-2020-24588
CVE-2020-26558
CVE-2020-36385
CVE-2020-36386
CVE-2021-0129
CVE-2021-0512
CVE-2021-0605
CVE-2021-22543
CVE-2021-22555
CVE-2021-33624
CVE-2021-33909
CVE-2021-34693
CVE-2021-3609
CVE-2021-3612
CVE-2021-3659
CVE-2021-37576
libmspack0=0.4-15.10.1 CVE-2018-14681
CVE-2018-14682
glibc-i18ndata=2.22-114.12.1
glibc-locale=2.22-114.12.1
glibc=2.22-114.12.1		 CVE-2016-10228
CVE-2021-35942
rsync=3.1.3-1.19 CVE-2011-1097
CVE-2014-2855
CVE-2014-8242
CVE-2014-9512
CVE-2017-16548
CVE-2017-17433
CVE-2017-17434
CVE-2018-5764
git-core=2.26.2-27.46.4 CVE-2005-4900
CVE-2011-2186
CVE-2014-9390
CVE-2016-2315
CVE-2016-2324
CVE-2017-1000117
CVE-2017-14867
CVE-2017-15298
CVE-2017-8386
CVE-2018-11233
CVE-2018-11235
CVE-2018-17456
CVE-2018-19486
CVE-2019-1348
CVE-2019-1349
CVE-2019-1351
CVE-2019-1353
CVE-2019-19604
CVE-2020-11008
CVE-2021-21300
java-1_8_0-openjdk-headless=1.8.0.302-27.63.2
java-1_8_0-openjdk=1.8.0.302-27.63.2		 CVE-2020-14556
CVE-2020-14577
CVE-2020-14578
CVE-2020-14579
CVE-2020-14581
CVE-2020-14583
CVE-2020-14593
CVE-2020-14621
CVE-2020-14779
CVE-2020-14781
CVE-2020-14782
CVE-2020-14792
CVE-2020-14796
CVE-2020-14797
CVE-2020-14798
CVE-2020-14803
CVE-2021-2161
CVE-2021-2163
CVE-2021-2341
CVE-2021-2369
CVE-2021-2388
docker=20.10.6_ce-98.66.1 CVE-2014-3499
CVE-2014-5277
CVE-2014-6407
CVE-2014-6408
CVE-2014-8178
CVE-2014-8179
CVE-2014-9356
CVE-2014-9357
CVE-2014-9358
CVE-2015-3627
CVE-2015-3629
CVE-2015-3630
CVE-2015-3631
CVE-2016-3697
CVE-2016-8867
CVE-2016-9962
CVE-2017-14992
CVE-2017-16539
CVE-2018-10892
CVE-2018-15664
CVE-2018-16873
CVE-2018-16874
CVE-2018-16875
CVE-2018-20699
CVE-2019-13509
CVE-2019-14271
CVE-2020-13401
CVE-2020-15257
CVE-2021-21284
libsndfile1=1.0.25-36.23.1 CVE-2018-19432
CVE-2018-19758
CVE-2021-3246
curl=7.60.0-11.23.1
libcurl4=7.60.0-11.23.1		 CVE-2021-22922
CVE-2021-22923
CVE-2021-22924
CVE-2021-22925
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products & Remediation

Product Affected Versions Updated Versions Link to Update  
Dell EMC Data Protection Central 18.1, 18.2, 19.1, 19.2, 19.3, 19.4, and 19.5 18.1, 18.2, 19.1, 19.2, 19.3, 19.4, and 19.5 To upgrade your Dell EMC Data Protection Central system, see KB article 34881: Data Protection Central: How to Install the Data Protection Central operating system Update for installation instructions.

Software

Release Notes		  
 
Dell EMC PowerProtect Data Protection 2.7 and below Dell EMC Data Protection Central Update Software

Release Notes		  
Product Affected Versions Updated Versions Link to Update  
Dell EMC Data Protection Central 18.1, 18.2, 19.1, 19.2, 19.3, 19.4, and 19.5 18.1, 18.2, 19.1, 19.2, 19.3, 19.4, and 19.5 To upgrade your Dell EMC Data Protection Central system, see KB article 34881: Data Protection Central: How to Install the Data Protection Central operating system Update for installation instructions.

Software

Release Notes		  
 
Dell EMC PowerProtect Data Protection 2.7 and below Dell EMC Data Protection Central Update Software

Release Notes		  

Workarounds & Mitigations

None.

Revision History

RevisionDateDescription
1.02021-09-22Initial Release
2.02021-10-20PowerProtect Data Protection Added

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Legal Disclaimer

Affected Products

Data Protection Central, PowerProtect DP4400, Data Protection Central, PowerProtect DP5300, PowerProtect DP5800, PowerProtect DP8300, PowerProtect DP8800, PowerProtect Data Protection Software, Integrated Data Protection Appliance Family , PowerProtect Data Protection Hardware, Integrated Data Protection Appliance Software, PowerProtect DP5900, PowerProtect DP8400, PowerProtect DP8900, Product Security Information ...