Skip to main content
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.

Article Number: 000183767


DSA-2021-030: Dell EMC PowerFlex rack Security Update for Multiple Third-Party Component Vulnerabilities

Summary: Dell EMC PowerFlex rack contains remediation for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system.

Article Content


Impact

High

Details

Third-Party Component CVE(s) More information  
Embedded OS-sudo CVE-2021-3156 See NVD (http://nvd.nist.gov/) for individual scores for each CVE  
Intel





 
CVE-2020-0587 INTEL-SA-00358
INTEL-SA-00391
INTEL-SA-00390
 
CVE-2020-0588
CVE-2020-0590
CVE-2020-0591
CVE-2020-0592
CVE-2020-0593
CVE-2020-8705
CVE-2020-8696
CVE-2020-8674
CVE-2020-8738
CVE-2020-8739
CVE-2020-8740
Third-Party Component CVE(s) More information  
Embedded OS-sudo CVE-2021-3156 See NVD (http://nvd.nist.gov/) for individual scores for each CVE  
Intel





 
CVE-2020-0587 INTEL-SA-00358
INTEL-SA-00391
INTEL-SA-00390
 
CVE-2020-0588
CVE-2020-0590
CVE-2020-0591
CVE-2020-0592
CVE-2020-0593
CVE-2020-8705
CVE-2020-8696
CVE-2020-8674
CVE-2020-8738
CVE-2020-8739
CVE-2020-8740
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products and Remediation

CVEs Product Affected RCM Versions Updated RCM Versions Link to Update
CVE-2021-3156 PowerFlex rack Versions prior to 3.3.9.1

Versions prior to 3.4.4.1

Versions prior to 3.5.4.1

Versions prior to 3.6.0.1
3.3.9.1

3.4.4.1

3.5.4.1

3.6.0.1
For RCM release information: https://cpsdocs.dellemc.com/rcm/#/home.

For RCM download: https://vce.flexnetoperations.com/control/vcec/product?plneID=740417

Fixes are available for Dell Server PowerEdge BIOS R630/R730/R730XD (13G) : BIOS Version 2.12.0
CVE-2020-0587
CVE-2020-0588
CVE-2020-0590
CVE-2020-0591
CVE-2020-0592
CVE-2020-0593
CVE-2020-8705
CVE-2020-8696
CVE-2020-8674
CVE-2020-8738
CVE-2020-8739
CVE-2020-8740
CVEs Product Affected RCM Versions Updated RCM Versions Link to Update
CVE-2021-3156 PowerFlex rack Versions prior to 3.3.9.1

Versions prior to 3.4.4.1

Versions prior to 3.5.4.1

Versions prior to 3.6.0.1
3.3.9.1

3.4.4.1

3.5.4.1

3.6.0.1
For RCM release information: https://cpsdocs.dellemc.com/rcm/#/home.

For RCM download: https://vce.flexnetoperations.com/control/vcec/product?plneID=740417

Fixes are available for Dell Server PowerEdge BIOS R630/R730/R730XD (13G) : BIOS Version 2.12.0
CVE-2020-0587
CVE-2020-0588
CVE-2020-0590
CVE-2020-0591
CVE-2020-0592
CVE-2020-0593
CVE-2020-8705
CVE-2020-8696
CVE-2020-8674
CVE-2020-8738
CVE-2020-8739
CVE-2020-8740

Revision History

RevisionDateDescription
1.02021-3-3Initial Release

Related Information


Article Properties


Affected Product

PowerFlex rack, Product Security Information

Last Published Date

03 Mar 2021

Article Type

Dell Security Advisory