DSA-2019-059: Dell EMC Network Attached Storage System using Windows Storage Server Security Update for Multiple Hardware Appliance Firmware Vulnerabilities

Summary: Dell EMC iDRAC (Integrated Dell Remote Access Controller) in Dell EMC Network Attached Storage System using Windows Storage Server, requires a security update to address multiple vulnerabilities. ...

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Impact

High

Details

An integrated Dell Remote Access Controller (iDRAC) is an embedded management platform in PowerEdge servers used in Dell EMC Network Attached Storage System using Windows Storage Server. iDRAC provides browser-based and command-line interfaces for managing and monitoring the server hardware.

Dell EMC iDRAC has been updated to address the following vulnerabilities:

  • CVE-2018-15774
  • CVE-2018-15776
  • CVE-2019-3705
  • CVE-2019-3706
  • CVE-2019-3707

See Dell EMC iDRAC Advisories for more information:

Dell EMC iDRAC Multiple Vulnerabilities (CVE-2018-15774 and CVE-2018-15776)

DSA-2019-028: Dell EMC iDRAC Multiple Vulnerabilities

 

An integrated Dell Remote Access Controller (iDRAC) is an embedded management platform in PowerEdge servers used in Dell EMC Network Attached Storage System using Windows Storage Server. iDRAC provides browser-based and command-line interfaces for managing and monitoring the server hardware.

Dell EMC iDRAC has been updated to address the following vulnerabilities:

  • CVE-2018-15774
  • CVE-2018-15776
  • CVE-2019-3705
  • CVE-2019-3706
  • CVE-2019-3707

See Dell EMC iDRAC Advisories for more information:

Dell EMC iDRAC Multiple Vulnerabilities (CVE-2018-15774 and CVE-2018-15776)

DSA-2019-028: Dell EMC iDRAC Multiple Vulnerabilities

 

Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products & Remediation

Affected Products:

  • Dell EMC Storage NX3340, NX3240, NX430, NX3330, NX3230

Resolution:

Dell EMC recommends all impacted customers upgrade to the appropriate release: 

  • Dell EMC Dell EMC Storage NX3340, NX3240 iDRAC9 firmware version 3.32.32.32
  • Dell EMC Dell EMC Storage NX430, NX3330, NX3230 iDRAC8 firmware version 2.62.60.60

Link to Remedies:

Customers can download iDRAC firmware for PowerEdge servers and for all other platforms, please select the platform from the Dell support site.

Affected Products:

  • Dell EMC Storage NX3340, NX3240, NX430, NX3330, NX3230

Resolution:

Dell EMC recommends all impacted customers upgrade to the appropriate release: 

  • Dell EMC Dell EMC Storage NX3340, NX3240 iDRAC9 firmware version 3.32.32.32
  • Dell EMC Dell EMC Storage NX430, NX3330, NX3230 iDRAC8 firmware version 2.62.60.60

Link to Remedies:

Customers can download iDRAC firmware for PowerEdge servers and for all other platforms, please select the platform from the Dell support site.

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Legal Disclaimer

Affected Products

Dell Storage NX3230, Dell EMC Storage NX3240, Dell Storage NX3330, Dell EMC Storage NX3340, Dell Storage NX430
Article Properties
Article Number: 000147355
Article Type: Dell Security Advisory
Last Modified: 18 Aug 2025
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.