Skip to main content
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.

Article Number: 000153741


DSA-2020-190: Dell EMC SRS Virtual Edition Security Update for Multiple Third-Party Component Vulnerabilities

Article Content


Impact

Critical

Details

Multiple components within Dell EMC Secure Remote Services (SRS) Virtual Edition require a security update to address various vulnerabilities. 

Third-party Component CVE(s) More information
JRE CVE-2020-2803  See NVD (http://nvd.nist.gov/) for individual scores for each CVE.
CVE-2020-2767
CVE-2020-2773
CVE-2020-2659
CVE-2020-2805
CVE-2020-2800
CVE-2020-2756
CVE-2020-2583
CVE-2019-18197 
CVE-2020-2778
CVE-2020-2757 
CVE-2020-2601
CVE-2020-2816
CVE-2020-2764
CVE-2020-2755 
CVE-2020-2781
CVE-2020-2754
CVE-2020-2654
Libxslt-tools CVE-2019-13118
CVE-2019-13117
libpng16 CVE-2017-12652
CVE-2019-7317
libfreebl3 & ncurses CVE-2019-11727
CVE-2019-11729
CVE-2019-11709
CVE-2019-11715
CVE-2019-11713
CVE-2019-17006
CVE-2019-11719
CVE-2019-11711 
CVE-2019-11712
CVE-2019-11745
CVE-2019-11717
CVE-2019-11730
CVE-2019-9811
Third-party Component CVE(s) More information
JRE CVE-2020-2803  See NVD (http://nvd.nist.gov/) for individual scores for each CVE.
CVE-2020-2767
CVE-2020-2773
CVE-2020-2659
CVE-2020-2805
CVE-2020-2800
CVE-2020-2756
CVE-2020-2583
CVE-2019-18197 
CVE-2020-2778
CVE-2020-2757 
CVE-2020-2601
CVE-2020-2816
CVE-2020-2764
CVE-2020-2755 
CVE-2020-2781
CVE-2020-2754
CVE-2020-2654
Libxslt-tools CVE-2019-13118
CVE-2019-13117
libpng16 CVE-2017-12652
CVE-2019-7317
libfreebl3 & ncurses CVE-2019-11727
CVE-2019-11729
CVE-2019-11709
CVE-2019-11715
CVE-2019-11713
CVE-2019-17006
CVE-2019-11719
CVE-2019-11711 
CVE-2019-11712
CVE-2019-11745
CVE-2019-11717
CVE-2019-11730
CVE-2019-9811
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products and Remediation

Affected products:      
Dell EMC SRS Virtual Edition versions 3.40.00.08, 3.42.10.06, and 3.44.00.08


Remediation:      
The following Dell EMC SRS Virtual Edition release address this vulnerability:      

  • Dell EMC SRS Virtual Edition 3.46.00.04

For Dell EMC SRS Virtual Edition version 3.46.00.04 and later, the security update is contained in the release 3.46.00.04

Dell EMC recommends all customers upgrade at the earliest opportunity.

The SRS-VE patch is published in SRS vLM (Virtual Life cycle Management) repository and the existing process triggers an Email notification to customer s SRS-VE primary and secondary contacts. Email notification contains a link to Release notes (along with details of security updates) and a link to update the customer s VE to the latest patch. Contact Dell EMC SRS Virtual Edition Customer Support for any questions regarding upgrading your Dell EMC SRS Virtual Edition system.



Affected products:      
Dell EMC SRS Virtual Edition versions 3.40.00.08, 3.42.10.06, and 3.44.00.08


Remediation:      
The following Dell EMC SRS Virtual Edition release address this vulnerability:      

  • Dell EMC SRS Virtual Edition 3.46.00.04

For Dell EMC SRS Virtual Edition version 3.46.00.04 and later, the security update is contained in the release 3.46.00.04

Dell EMC recommends all customers upgrade at the earliest opportunity.

The SRS-VE patch is published in SRS vLM (Virtual Life cycle Management) repository and the existing process triggers an Email notification to customer s SRS-VE primary and secondary contacts. Email notification contains a link to Release notes (along with details of security updates) and a link to update the customer s VE to the latest patch. Contact Dell EMC SRS Virtual Edition Customer Support for any questions regarding upgrading your Dell EMC SRS Virtual Edition system.



Related Information


Article Properties


Affected Product

Secure Remote Services Virtual Edition

Product

Secure Remote Services Virtual Edition, Product Security Information

Last Published Date

10 Apr 2021

Article Type

Dell Security Advisory