Skip to main content
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products

DSA-2019-087: Dell EMC Unity Family Security Update for Multiple Third Party Components

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.

Impact

Critical

Details

   Summary:    
Multiple components within the Dell EMC Unity Product Family require security updates to address various vulnerabilities.

The components are updated for the following vulnerabilities:    

  • Apache2

CVE-2018-17199    CVE-2019-0217    CVE-2019-0220

  • Apache Tomcat

CVE-2018-1336    CVE-2018-8014    CVE-2018-8034    CVE-2018-11784

  • Bash

CVE-2019-9924

  • Curl

CVE-2018-16890    CVE-2019-3822    CVE-2019-3823

  • Graphite2

CVE-2017-5436

  • Krb5

CVE-2018-20217

  • libssh2_org

CVE-2019-3855    CVE-2019-3856    CVE-2019-3857    CVE-2019-3858
CVE-2019-3859    CVE-2019-3860    CVE-2019-3861    CVE-2019-3862
CVE-2019-3863

  • Mozilla Firefox

CVE-2018-0495    CVE-2018-12384    CVE-2018-12404    CVE-2018-12405
CVE-2018-17466    CVE-2018-18492    CVE-2018-18493    CVE-2018-18494
CVE-2018-18498    CVE-2018-18500    CVE-2018-18501    CVE-2018-18505

  • NTP

CVE-2019-8936

  • OpenSSH

CVE-2018-15473    CVE-2018-15919    CVE-2018-20685    CVE-2019-6109
CVE-2019-6110    CVE-2019-6111

  • OpenSSL

CVE-2016-8610    CVE-2018-0734    CVE-2018-5407

  • Polkit

CVE-2018-19788

  • Procps

CVE-2018-1122    CVE-2018-1123    CVE-2018-1124    CVE-2018-1125
CVE-2018-1126

  • Python

CVE-2018-14647    CVE-2019-5010

  • RPM

CVE-2017-7500    CVE-2017-7501

  • Rrdtool

CVE-2013-2131

  • Sqlite3

CVE-2018-20346    CVE-2018-20506

  • Systemd

CVE-2018-15686    CVE-2018-16864    CVE-2018-16865    CVE-2019-6454

For more information about the Common Vulnerability and Exposure (CVE) mentioned here, consult the National Vulnerability Database (NVD) at http://nvd.nist.gov/home.cfm

To search for a particular CVE, use the database s search utility at http://web.nvd.nist.gov/view/vuln/search

The components are updated for the following vulnerabilities:    

  • Apache2

CVE-2018-17199    CVE-2019-0217    CVE-2019-0220

  • Apache Tomcat

CVE-2018-1336    CVE-2018-8014    CVE-2018-8034    CVE-2018-11784

  • Bash

CVE-2019-9924

  • Curl

CVE-2018-16890    CVE-2019-3822    CVE-2019-3823

  • Graphite2

CVE-2017-5436

  • Krb5

CVE-2018-20217

  • libssh2_org

CVE-2019-3855    CVE-2019-3856    CVE-2019-3857    CVE-2019-3858
CVE-2019-3859    CVE-2019-3860    CVE-2019-3861    CVE-2019-3862
CVE-2019-3863

  • Mozilla Firefox

CVE-2018-0495    CVE-2018-12384    CVE-2018-12404    CVE-2018-12405
CVE-2018-17466    CVE-2018-18492    CVE-2018-18493    CVE-2018-18494
CVE-2018-18498    CVE-2018-18500    CVE-2018-18501    CVE-2018-18505

  • NTP

CVE-2019-8936

  • OpenSSH

CVE-2018-15473    CVE-2018-15919    CVE-2018-20685    CVE-2019-6109
CVE-2019-6110    CVE-2019-6111

  • OpenSSL

CVE-2016-8610    CVE-2018-0734    CVE-2018-5407

  • Polkit

CVE-2018-19788

  • Procps

CVE-2018-1122    CVE-2018-1123    CVE-2018-1124    CVE-2018-1125
CVE-2018-1126

  • Python

CVE-2018-14647    CVE-2019-5010

  • RPM

CVE-2017-7500    CVE-2017-7501

  • Rrdtool

CVE-2013-2131

  • Sqlite3

CVE-2018-20346    CVE-2018-20506

  • Systemd

CVE-2018-15686    CVE-2018-16864    CVE-2018-16865    CVE-2019-6454

For more information about the Common Vulnerability and Exposure (CVE) mentioned here, consult the National Vulnerability Database (NVD) at http://nvd.nist.gov/home.cfm

To search for a particular CVE, use the database s search utility at http://web.nvd.nist.gov/view/vuln/search

Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products & Remediation

Affected products:     

  • Dell EMC Unity Operating Environment (OE) versions prior to 5.0.0.0.5.116

  • Dell EMC Unity VSA Operating Environment (OE) versions prior to 5.0.0.0.5.116


Remediation:     
The following Dell EMC Unity releases address these vulnerabilities:  

  • Dell EMC Unity Operating Environment (OE) version 5.0.0.0.5.116

  • Dell EMC UnityVSA Operating Environment (OE) version 5.0.0.0.5.116

To take advantage of the latest security fixes and enhancements, Dell EMC recommends upgrading to the latest Unity OE code.

Customers can refer to Dell EMC target code information at https://support.emc.com/docu39695_Target_Revisions_and_Adoption_Rates.pdf?language=en_US&language=en_US.


Link to Remedies:     
Registered Dell EMC Support customers can download Dell EMC Unity software from the Dell EMC Online Support web site.



Affected products:     

  • Dell EMC Unity Operating Environment (OE) versions prior to 5.0.0.0.5.116

  • Dell EMC Unity VSA Operating Environment (OE) versions prior to 5.0.0.0.5.116


Remediation:     
The following Dell EMC Unity releases address these vulnerabilities:  

  • Dell EMC Unity Operating Environment (OE) version 5.0.0.0.5.116

  • Dell EMC UnityVSA Operating Environment (OE) version 5.0.0.0.5.116

To take advantage of the latest security fixes and enhancements, Dell EMC recommends upgrading to the latest Unity OE code.

Customers can refer to Dell EMC target code information at https://support.emc.com/docu39695_Target_Revisions_and_Adoption_Rates.pdf?language=en_US&language=en_US.


Link to Remedies:     
Registered Dell EMC Support customers can download Dell EMC Unity software from the Dell EMC Online Support web site.



Related Information

Affected Products

Dell EMC Unity Family

Products

Product Security Information, Dell Unity 300, Dell EMC Unity 300F, Dell EMC Unity 350F, Dell EMC Unity XT 380, Dell EMC Unity 400, Dell EMC Unity 400F, Dell EMC Unity 450F, Dell EMC Unity XT 480, Dell EMC Unity 500, Dell EMC Unity 500F , Dell EMC Unity 550F, Dell EMC Unity 600, Dell EMC Unity 600F, Dell EMC Unity 650F, Dell EMC Unity XT 680, Dell EMC Unity XT 680F, Dell EMC Unity XT 880, Dell EMC Unity XT 880F, Dell EMC Unity Family |Dell EMC Unity All Flash, Dell EMC Unity Family, Dell EMC Unity Hybrid ...
Article Properties
Article Number: 000001841
Article Type: Dell Security Advisory
Last Modified: 20 Sep 2024
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.