Skip to main content
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.

Article Number: 000153687


DSA-2020-171: Dell Data Domain Security Update for a BMC Vulnerability

Summary: Dell Data Domain remediation is available for BMC Vulnerability that may be exploited by malicious users to compromise the affected system.

Article Content


Impact

High

Overview

The BMC component within Dell Data Domain requires a security update to address a vulnerability.

Details

 
Third-party Component  CVE(s) More information
BMC CVE-2018-9086 See NVD (http://nvd.nist.gov/)
7.2 (/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)

For more information about any of the Common Vulnerabilities and Exposures (CVEs) mentioned here, consult the National Vulnerability Database (NVD) at http://nvd.nist.gov/home.cfm
 
Third-party Component  CVE(s) More information
BMC CVE-2018-9086 See NVD (http://nvd.nist.gov/)
7.2 (/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)

For more information about any of the Common Vulnerabilities and Exposures (CVEs) mentioned here, consult the National Vulnerability Database (NVD) at http://nvd.nist.gov/home.cfm

Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products and Remediation

Affected models:      
Dell Data Domain DD9300 Appliance
Dell Data Domain DD6800 Appliance
Dell Data Domain DD6300 Appliance
Dell Data Domain DD7200 Appliance
Dell Data Domain DD4500 Appliance
Dell Data Domain DD4200 Appliance
Dell Data Domain OS versions prior to DDOS 6.0.0.70
Dell Data Domain OS versions prior to DDOS 6.1.2.70
Dell Data Domain OS versions prior to DDOS 6.2.1.0
Dell Data Domain OS versions prior to DDOS 7.0.0.20
Dell Data Domain OS versions prior to DDOS 7.1.0.20
Dell Data Domain OS versions prior to DDOS 7.2.0.0

Resolution:       
The following Dell Data Domain releases address this vulnerability:     
Dell Data Domain OS version DDOS 6.0.0.70
Dell Data Domain OS version DDOS 6.1.2.70
Dell Data Domain OS version DDOS 6.2.1.0
Dell Data Domain OS version DDOS 7.0.0.20
Dell Data Domain OS version DDOS 7.1.0.20
Dell Data Domain OS version DDOS 7.2.0.0

Dell recommends all customers upgrade at the earliest opportunity.

Affected models:      
Dell Data Domain DD9300 Appliance
Dell Data Domain DD6800 Appliance
Dell Data Domain DD6300 Appliance
Dell Data Domain DD7200 Appliance
Dell Data Domain DD4500 Appliance
Dell Data Domain DD4200 Appliance
Dell Data Domain OS versions prior to DDOS 6.0.0.70
Dell Data Domain OS versions prior to DDOS 6.1.2.70
Dell Data Domain OS versions prior to DDOS 6.2.1.0
Dell Data Domain OS versions prior to DDOS 7.0.0.20
Dell Data Domain OS versions prior to DDOS 7.1.0.20
Dell Data Domain OS versions prior to DDOS 7.2.0.0

Resolution:       
The following Dell Data Domain releases address this vulnerability:     
Dell Data Domain OS version DDOS 6.0.0.70
Dell Data Domain OS version DDOS 6.1.2.70
Dell Data Domain OS version DDOS 6.2.1.0
Dell Data Domain OS version DDOS 7.0.0.20
Dell Data Domain OS version DDOS 7.1.0.20
Dell Data Domain OS version DDOS 7.2.0.0

Dell recommends all customers upgrade at the earliest opportunity.

Revision History

Revision

Date

Description

1.1

2021/05/18

Minor update

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide


Article Properties


Affected Product

Data Domain, Data Domain, Data Domain Boost – File System, Data Domain Boost - Open Storage, Data Domain Deduplication Storage Systems, DD Boost for Enterprise Applications, DD OS, DD OS 4.9, PowerProtect Data Domain Management Center

Product

DD OS 6.2, DD OS 5.0, DD OS 5.1, DD OS 5.2, DD OS 5.3, DD OS 5.4, DD OS 5.5, DD OS 5.6, DD OS 6.0, DD OS 6.1, DD OS 7.0, DD OS 7.1, DD OS Licensed Features, DD OS Previous Versions, PowerProtect X400 Appliance, Product Security Information

Last Published Date

22 May 2021

Version

5

Article Type

Dell Security Advisory