DSA-2019-114: Dell EMC Unisphere Central Security Update for Multiple Embedded Component Vulnerabilities
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Impact
Critical
Details
Summary:
Multiple embedded components within Dell EMC Unisphere Central require security updates to address various vulnerabilities.
The embedded components have been updated to remediate the following vulnerabilities:
-
curl
CVE-2016-7167 CVE-2016-8615 CVE-2016-8616 CVE-2016-8617
CVE-2016-8618 CVE-2016-8619 CVE-2016-8620 CVE-2016-8621
CVE-2016-8622 CVE-2016-8623 CVE-2016-8624 CVE-2016-9586
CVE-2017-7407 CVE-2017-1000100 CVE-2017-1000254 CVE-2018-1000007
CVE-2018-1000120 CVE-2018-1000121 CVE-2018-1000122 CVE-2018-1000301
CVE-2018-14618 CVE-2018-16840 CVE-2018-16842
-
glibc
CVE-2015-5180 CVE-2017-12133 CVE-2017-15670 CVE-2017-15671
CVE-2017-15804 CVE-2018-11236
-
OpenSSL
CVE-2017-0739
For more information about the Common Vulnerability and Exposure (CVE) mentioned here, consult the National Vulnerability Database (NVD) at http://nvd.nist.gov/home.cfm.
To search for a particular CVE, use the database s search utility at http://web.nvd.nist.gov/view/vuln/search.
The embedded components have been updated to remediate the following vulnerabilities:
-
curl
CVE-2016-7167 CVE-2016-8615 CVE-2016-8616 CVE-2016-8617
CVE-2016-8618 CVE-2016-8619 CVE-2016-8620 CVE-2016-8621
CVE-2016-8622 CVE-2016-8623 CVE-2016-8624 CVE-2016-9586
CVE-2017-7407 CVE-2017-1000100 CVE-2017-1000254 CVE-2018-1000007
CVE-2018-1000120 CVE-2018-1000121 CVE-2018-1000122 CVE-2018-1000301
CVE-2018-14618 CVE-2018-16840 CVE-2018-16842
-
glibc
CVE-2015-5180 CVE-2017-12133 CVE-2017-15670 CVE-2017-15671
CVE-2017-15804 CVE-2018-11236
-
OpenSSL
CVE-2017-0739
For more information about the Common Vulnerability and Exposure (CVE) mentioned here, consult the National Vulnerability Database (NVD) at http://nvd.nist.gov/home.cfm.
To search for a particular CVE, use the database s search utility at http://web.nvd.nist.gov/view/vuln/search.
Affected Products & Remediation
Affected products:
Dell EMC Unisphere Central versions prior to 4.0.8.23220
Remediation:
The following Dell EMC Unisphere Central release addresses these vulnerabilities:
-
Dell EMC Unisphere Central 4.0.8.23220 (4.0 SP8)
Dell EMC recommends all customers upgrade at the earliest opportunity.
Link to Remedies:
Registered Dell EMC Support customers can download Unisphere Central software from the Dell EMC Online Support web site at: https://support.emc.com/downloads/28224_Unisphere-Central
Affected products:
Dell EMC Unisphere Central versions prior to 4.0.8.23220
Remediation:
The following Dell EMC Unisphere Central release addresses these vulnerabilities:
-
Dell EMC Unisphere Central 4.0.8.23220 (4.0 SP8)
Dell EMC recommends all customers upgrade at the earliest opportunity.
Link to Remedies:
Registered Dell EMC Support customers can download Unisphere Central software from the Dell EMC Online Support web site at: https://support.emc.com/downloads/28224_Unisphere-Central
Related Information
Legal Disclaimer
Affected Products
Unisphere CentralProducts
Product Security Information, Unisphere CentralArticle Properties
Article Number: 000153792
Article Type: Dell Security Advisory
Last Modified: 22 May 2021
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.