Skip to main content
Sign Out

Welcome to Dell

My Account
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.
Sign In Create an Account Premier Sign In Partner Program Sign In
Contact Us
Some article numbers may have changed. If this isn't what you're looking for, try searching all articles. Search articles

Article Number: 000189435

DSA-2021-148: Dell PowerFlex Appliance Security Update for Multiple Third-Party Component Vulnerabilities

Summary: Dell PowerFlex Appliance remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system.

Article Content

Impact

High

Details

Third-Party Component CVEs More information
Intel
 		 CVE-2020-24511 INTEL-SA-00463
INTEL-SA-00464
 
CVE-2020-12358
CVE-2020-12360
CVE-2020-24486
Dell Server iDRAC CVE-2020-26198

DSA-2020-268: Dell EMC iDRAC9 Reflected XSS Vulnerability 
Third-Party Component CVEs More information
Intel
 		 CVE-2020-24511 INTEL-SA-00463
INTEL-SA-00464
 
CVE-2020-12358
CVE-2020-12360
CVE-2020-24486
Dell Server iDRAC CVE-2020-26198

DSA-2020-268: Dell EMC iDRAC9 Reflected XSS Vulnerability 
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products and Remediation

CVEs Addressed Product Affected Versions Updated Versions Link to Update
CVE-2020-24511 PowerFlex Appliance Versions before Intelligent Catalog 37.355.00.r16

Versions before Intelligent Catalog 37.361.00.r14		 Intelligent Catalog 37.355.00.r16


Intelligent Catalog 37.361.00.r14		 For IC downloads:
https://www.dell.com/support/home/en-us/product-support/product/vxflex-appliance-sw/drivers
CVE-2020-12358
CVE-2020-12360
CVE-2020-24486
CVE-2020-26198
CVEs Addressed Product Affected Versions Updated Versions Link to Update
CVE-2020-24511 PowerFlex Appliance Versions before Intelligent Catalog 37.355.00.r16

Versions before Intelligent Catalog 37.361.00.r14		 Intelligent Catalog 37.355.00.r16


Intelligent Catalog 37.361.00.r14		 For IC downloads:
https://www.dell.com/support/home/en-us/product-support/product/vxflex-appliance-sw/drivers
CVE-2020-12358
CVE-2020-12360
CVE-2020-24486
CVE-2020-26198

Revision History

RevisionDateDescription
1.02021-07-07Initial Release
2.02021-07-14Removed VMware component which is addressed in DSA-2021-128: Dell PowerFlex Appliance Security Update for VMware vCenter Server Component Vulnerabilities

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Legal Information

Article Properties

Affected Product

PowerFlex Appliance, Product Security Information, PowerFlex appliance R640, PowerFlex appliance R740XD, PowerFlex appliance R840

Last Published Date

30 Jul 2021

Version

3

Article Type

Dell Security Advisory

Back to Top