Skip to main content

DSA-2020-127: Dell EMC Data Computing Appliance (DCA) version 3.5.5.0 Security Update for Multiple Third-Party Component Vulnerabilities

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.

Impact

Critical

Details

Affected products:   
EMC Software:   
Only EMC Data Computing Appliance (DCA) version 3.3.0.0, 3.4.0.0, 3.4.1.0, 3.4.2.0, 3.5.0.0, 3.5.1.0, 3.5.2.0, 3.5.3.0, and 3.5.4.0 can be upgraded to version 3.5.5.0.
To upgrade an earlier DCA version, you must upgrade to version 3.3.0.0 and then to version 3.5.5.0.


Summary: 
Multiple components within Dell EMC DCA require a security update to address various vulnerabilities. 

Third-party Component CVE(s) More information
Kernel  CVE-2018-9568  See NVD (http://nvd.nist.gov/) for individual scores for each CVE.

 
CVE-2019-11810
CVE-2019-14835
CVE-2019-0155
CVE-2019-14821
sudo   CVE-2019-14287
ppp     CVE-2020-8597
openjdk  CVE-2019-2949
CVE-2019-2989
CVE-2019-2958
CVE-2019-2977
CVE-2019-2975
CVE-2019-2999
CVE-2019-2996
CVE-2019-2987
CVE-2019-2962
CVE-2019-2988
CVE-2019-2992
CVE-2019-2964
CVE-2019-2973
CVE-2019-2981
CVE-2019-2978
CVE-2019-2894
CVE-2019-2983
CVE-2019-2933
CVE-2019-2945
CVE-2019-11068
CVE-2019-18197
CVE-2020-2803
CVE-2020-2805
CVE-2020-2816
CVE-2020-2781
CVE-2020-2830
CVE-2020-2767
CVE-2020-2800
CVE-2020-2778
CVE-2020-2764
CVE-2020-2754
CVE-2020-2755
CVE-2020-2773
CVE-2020-2756
CVE-2020-2757
php     CVE-2019-11043
Third-party Component CVE(s) More information
Kernel  CVE-2018-9568  See NVD (http://nvd.nist.gov/) for individual scores for each CVE.

 
CVE-2019-11810
CVE-2019-14835
CVE-2019-0155
CVE-2019-14821
sudo   CVE-2019-14287
ppp     CVE-2020-8597
openjdk  CVE-2019-2949
CVE-2019-2989
CVE-2019-2958
CVE-2019-2977
CVE-2019-2975
CVE-2019-2999
CVE-2019-2996
CVE-2019-2987
CVE-2019-2962
CVE-2019-2988
CVE-2019-2992
CVE-2019-2964
CVE-2019-2973
CVE-2019-2981
CVE-2019-2978
CVE-2019-2894
CVE-2019-2983
CVE-2019-2933
CVE-2019-2945
CVE-2019-11068
CVE-2019-18197
CVE-2020-2803
CVE-2020-2805
CVE-2020-2816
CVE-2020-2781
CVE-2020-2830
CVE-2020-2767
CVE-2020-2800
CVE-2020-2778
CVE-2020-2764
CVE-2020-2754
CVE-2020-2755
CVE-2020-2773
CVE-2020-2756
CVE-2020-2757
php     CVE-2019-11043
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products & Remediation

The following Dell EMC DCA release addresses these vulnerabilities:    

  • Dell EMC DCA 3.5.5.0

For Dell EMC DCA 3.5.5.0 and later, the security update is contained in the release 3.5.5.0.

Dell EMC recommends all customers upgrade at the earliest opportunity. Contact Dell EMC DCA customer support to download the required rpm file and install it.



The following Dell EMC DCA release addresses these vulnerabilities:    

  • Dell EMC DCA 3.5.5.0

For Dell EMC DCA 3.5.5.0 and later, the security update is contained in the release 3.5.5.0.

Dell EMC recommends all customers upgrade at the earliest opportunity. Contact Dell EMC DCA customer support to download the required rpm file and install it.



Related Information

Affected Products

Data Computing Appliance V3

Products

Data Computing Appliance V2, Data Computing Appliance V3, Product Security Information
Article Properties
Article Number: 000001909
Article Type: Dell Security Advisory
Last Modified: 22 May 2021
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.