Skip to main content
Sign Out
Welcome to Dell
My Account
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.
Sign In Create an Account Dell Financial Services Premier Sign In Partner Program Sign In
Contact Us
Your Dell.com Carts
Some article numbers may have changed. If this isn't what you're looking for, try searching all articles. Search articles

Article Number: 000181211

DSA-2020-279: Dell EMC PowerFlex rack Security Update for Multiple Third-Party Component Vulnerabilities

Summary: Dell EMC PowerFlex rack contains remediation for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

Article Content

Impact

Critical

Details

Third-Party Component CVE(s) More information
Intel





 		 CVE-2020-0587 INTEL-SA-00358
INTEL-SA-00391
INTEL-SA-00390
CVE-2020-0588
CVE-2020-0590
CVE-2020-0591
CVE-2020-0592
CVE-2020-0593
CVE-2020-8705
CVE-2020-8696
CVE-2020-8674
CVE-2020-8738
CVE-2020-8739
CVE-2020-8740
VMware CVE-2020-3981 VMSA-2020-0023
VMSA-2020-0018
VMSA-2020-0026
CVE-2020-3982
CVE-2020-3992
CVE-2020-3993
CVE-2020-3994
CVE-2020-3995
CVE-2020-3976
CVE-2020-4004
CVE-2020-4005
Cisco N9332PQ and N93180YC-EX Switches CVE-2020-3175 See NVD (http://nvd.nist.gov/) for individual scores for each CVE
CVE-2020-10136
CVE-2020-3217
CVE-2020-3228
CVE-2018-0307
CVE-2018-0306
CVE-2020-3454
CVE-2020-3517
CVE-2020-3398
CVE-2020-3397
CVE-2020-3415
CVE-2020-3338
CVE-2020-3394
Third-Party Component CVE(s) More information
Intel





 		 CVE-2020-0587 INTEL-SA-00358
INTEL-SA-00391
INTEL-SA-00390
CVE-2020-0588
CVE-2020-0590
CVE-2020-0591
CVE-2020-0592
CVE-2020-0593
CVE-2020-8705
CVE-2020-8696
CVE-2020-8674
CVE-2020-8738
CVE-2020-8739
CVE-2020-8740
VMware CVE-2020-3981 VMSA-2020-0023
VMSA-2020-0018
VMSA-2020-0026
CVE-2020-3982
CVE-2020-3992
CVE-2020-3993
CVE-2020-3994
CVE-2020-3995
CVE-2020-3976
CVE-2020-4004
CVE-2020-4005
Cisco N9332PQ and N93180YC-EX Switches CVE-2020-3175 See NVD (http://nvd.nist.gov/) for individual scores for each CVE
CVE-2020-10136
CVE-2020-3217
CVE-2020-3228
CVE-2018-0307
CVE-2018-0306
CVE-2020-3454
CVE-2020-3517
CVE-2020-3398
CVE-2020-3397
CVE-2020-3415
CVE-2020-3338
CVE-2020-3394
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products and Remediation

CVEs Product Affected RCM Versions Updated RCM Versions Link to Update
CVE-2020-0587 PowerFlex rack Versions prior to 3.3.9.0

Versions prior to 3.4.4.0

Versions prior to 3.5.4.0		 3.3.9.0



3.4.4.0



3.5.4.0		 For RCM release information: https://cpsdocs.dellemc.com/rcm/#/home.

For RCM download: https://vce.flexnetoperations.com/control/vcec/product?plneID=740417
 
CVE-2020-0588
CVE-2020-0590
CVE-2020-0591
CVE-2020-0592
CVE-2020-0593
CVE-2020-8705
CVE-2020-8696
CVE-2020-8674
CVE-2020-8738
CVE-2020-8739
CVE-2020-8740
CVE-2020-3981
CVE-2020-3982
CVE-2020-3992
CVE-2020-3993
CVE-2020-3994
CVE-2020-3995
CVE-2020-3976
CVE-2020-4004
CVE-2020-3175 PowerFlex rack 3.3.5.0 - 3.3.8.2

3.4.0.0 - 3.4.3.1

3.5.0.0-3.5.3.1
 		 3.3.9.0


3.4.3.2 


3.5.3.2
CVE-2020-10136
CVE-2020-3217
CVE-2020-3228
CVE-2018-0307
CVE-2018-0306
CVE-2020-3454
CVE-2020-3517
CVE-2020-3398
CVE-2020-3397
CVE-2020-3415
CVE-2020-3338
CVE-2020-3394
CVEs Product Affected RCM Versions Updated RCM Versions Link to Update
CVE-2020-0587 PowerFlex rack Versions prior to 3.3.9.0

Versions prior to 3.4.4.0

Versions prior to 3.5.4.0		 3.3.9.0



3.4.4.0



3.5.4.0		 For RCM release information: https://cpsdocs.dellemc.com/rcm/#/home.

For RCM download: https://vce.flexnetoperations.com/control/vcec/product?plneID=740417
 
CVE-2020-0588
CVE-2020-0590
CVE-2020-0591
CVE-2020-0592
CVE-2020-0593
CVE-2020-8705
CVE-2020-8696
CVE-2020-8674
CVE-2020-8738
CVE-2020-8739
CVE-2020-8740
CVE-2020-3981
CVE-2020-3982
CVE-2020-3992
CVE-2020-3993
CVE-2020-3994
CVE-2020-3995
CVE-2020-3976
CVE-2020-4004
CVE-2020-3175 PowerFlex rack 3.3.5.0 - 3.3.8.2

3.4.0.0 - 3.4.3.1

3.5.0.0-3.5.3.1
 		 3.3.9.0


3.4.3.2 


3.5.3.2
CVE-2020-10136
CVE-2020-3217
CVE-2020-3228
CVE-2018-0307
CVE-2018-0306
CVE-2020-3454
CVE-2020-3517
CVE-2020-3398
CVE-2020-3397
CVE-2020-3415
CVE-2020-3338
CVE-2020-3394

Workarounds and Mitigations

None

Revision History

RevisionDateDescription
1.02020-12-14Initial Release

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Legal Information

Article Properties

Affected Product

PowerFlex rack

Last Published Date

22 May 2021

Version

3

Article Type

Dell Security Advisory

Back to Top