Skip to main content
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.
Some article numbers may have changed. If this isn't what you're looking for, try searching all articles. Search articles

Article Number: 000191881


DSA-2021-198: Dell EMC PowerFlex rack Security Update for Multiple Third-Party Component Vulnerabilities

Summary: Dell EMC PowerFlex rack remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system.

Article Content


Impact

Critical

Details

Component CVE(s) CVSS
score
More information
VMware ESXi CVE-2021-21994 7.0 VMSA-2021-0014
CVE-2021-21995 5.3
vCenter Server CVE-2021-22005 9.8 VMSA-2021-0020
https://www.vmware.com/security/advisories/VMSA-2021-0020.html
Note:
  • This RCM release has fixes only for vSphere 7.0x.
  • Fixes for vSphere 6.5 and 6.7 will be in the future release.
  • See “Workaround” section at the end of this article.
CVE-2021-21991 4.3-8.8
CVE-2021-21992
CVE-2021-21993
CVE-2021-22006
CVE-2021-22007
CVE-2021-22008
CVE-2021-22009
CVE-2021-22010
CVE-2021-22014
CVE-2021-22015
CVE-2021-22019
CVE-2021-22020
Dell Server BIOS Firmware
 
CVE-2020-12357 7.5 INTEL-SA-00463
CVE-2020-12360 5.6
iDRAC CVE-2021-21581 6.5 DSA-2021-133
DSA-2021-177
CVE-2021-21580 4.3
CVE-2021-21579 6.1
CVE-2021-21578 6.1
CVE-2021-21577 6.1
CVE-2021-21576 6.1
CVE-2021-36299 5.9
CVE-2021-36300 6.5
CVE-2021-36301 7.1
CVE-2021-20235 7.1
PowerFlex Manager CVE-1999-0519 7.5  
CVE-1999-0520 6.4
CVE-1999-0517 7.5
Component CVE(s) CVSS
score
More information
VMware ESXi CVE-2021-21994 7.0 VMSA-2021-0014
CVE-2021-21995 5.3
vCenter Server CVE-2021-22005 9.8 VMSA-2021-0020
https://www.vmware.com/security/advisories/VMSA-2021-0020.html
Note:
  • This RCM release has fixes only for vSphere 7.0x.
  • Fixes for vSphere 6.5 and 6.7 will be in the future release.
  • See “Workaround” section at the end of this article.
CVE-2021-21991 4.3-8.8
CVE-2021-21992
CVE-2021-21993
CVE-2021-22006
CVE-2021-22007
CVE-2021-22008
CVE-2021-22009
CVE-2021-22010
CVE-2021-22014
CVE-2021-22015
CVE-2021-22019
CVE-2021-22020
Dell Server BIOS Firmware
 
CVE-2020-12357 7.5 INTEL-SA-00463
CVE-2020-12360 5.6
iDRAC CVE-2021-21581 6.5 DSA-2021-133
DSA-2021-177
CVE-2021-21580 4.3
CVE-2021-21579 6.1
CVE-2021-21578 6.1
CVE-2021-21577 6.1
CVE-2021-21576 6.1
CVE-2021-36299 5.9
CVE-2021-36300 6.5
CVE-2021-36301 7.1
CVE-2021-20235 7.1
PowerFlex Manager CVE-1999-0519 7.5  
CVE-1999-0520 6.4
CVE-1999-0517 7.5
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products and Remediation

CVE(s) Addressed Component Affected Version(s) Updated Version(s) Fix package include in RCM
CVE-2021-21994 ESXi
 
Versions prior to 3.3.10.1 3.3.10.1 6.5 Update 3 Express Patch 24 (Build Number 18071574)
CVE-2021-21994 ESXi
 
Versions prior to 3.4.5.1 3.4.5.1 6.5 Update 3 Express Patch 24 (Build Number 18071574)
CVE-2021-21994 ESXi
 
Versions prior to 3.5.5.1 3.5.5.1 6.7 Update 3 Patch 05 (Build Number 17700523)
CVE-2021-21995 ESXi
 
Versions prior to 3.3.10.1 3.3.10.1 6.5 Update 3 Express Patch 24 (Build Number 18071574)
CVE-2021-21995 ESXi
 
Versions prior to 3.4.5.1 3.4.5.1 6.5 Update 3 Express Patch 24 (Build Number 18071574)
CVE-2021-21995 ESXi
 
Versions prior to 3.5.5.1 3.5.5.1 6.7 Update 3 Patch 05 (Build Number 17700523)
CVE-2021-22005 vCenter Server
 
Versions prior to 3.6.1.1 3.6.1.1 7.0 Update 2c (Build Number 18356314)
CVE-2021-21991 vCenter Server
 
Versions prior to 3.6.1.1 3.6.1.1 7.0 Update 2c (Build Number 18356314)
CVE-2021-21992 vCenter Server
 
Versions prior to 3.6.1.1 3.6.1.1 7.0 Update 2c (Build Number 18356314)
CVE-2021-21993 vCenter Server
 
Versions prior to 3.6.1.1 3.6.1.1 7.0 Update 2c (Build Number 18356314)
CVE-2021-22006 vCenter Server
 
Versions prior to 3.6.1.1 3.6.1.1 7.0 Update 2c (Build Number 18356314)
CVE-2021-22007 vCenter Server
 
Versions prior to 3.6.1.1 3.6.1.1 7.0 Update 2c (Build Number 18356314)
CVE-2021-22008 vCenter Server
 
Versions prior to 3.6.1.1 3.6.1.1 7.0 Update 2c (Build Number 18356314)
CVE-2021-22009 vCenter Server
 
Versions prior to 3.6.1.1 3.6.1.1 7.0 Update 2c (Build Number 18356314)
CVE-2021-22010 vCenter Server
 
Versions prior to 3.6.1.1 3.6.1.1 7.0 Update 2c (Build Number 18356314)
CVE-2021-22014 vCenter Server
 
Versions prior to 3.6.1.1 3.6.1.1 7.0 Update 2c (Build Number 18356314)
CVE-2021-22015 vCenter Server
 
Versions prior to 3.6.1.1 3.6.1.1 7.0 Update 2c (Build Number 18356314)
CVE-2021-22019 vCenter Server
 
Versions prior to 3.6.1.1 3.6.1.1 7.0 Update 2c (Build Number 18356314)
CVE-2021-22020 vCenter Server
 
Versions prior to 3.6.1.1 3.6.1.1 7.0 Update 2c (Build Number 18356314)
CVE-2020-12357 Dell Server
 
Versions prior to 3.3.10.1 3.3.10.1 Dell Server BIOS Firmware (13G) - 2.13.0
CVE-2020-12357 Dell Server
 
Versions prior to 3.4.5.1 3.4.5.1
 
Dell Server BIOS Firmware (13G) - 2.13.0
CVE-2020-12357 Dell Server
 
Versions prior to 3.5.5.1 3.5.5.1
 
Dell Server BIOS Firmware (13G) - 2.13.0
CVE-2020-12357 Dell Server Versions prior to 3.6.1.1 3.6.1.1 Dell Server BIOS Firmware (13G) - 2.13.0
CVE-2020-12360 Dell Server
 
Versions prior to 3.3.10.1 3.3.10.1 Dell Server BIOS Firmware (13G) - 2.13.0
CVE-2020-12360 Dell Server
 
Versions prior to 3.4.5.1 3.4.5.1
 
Dell Server BIOS Firmware (13G) - 2.13.0
CVE-2020-12360 Dell Server
 
Versions prior to 3.5.5.1 3.5.5.1
 
Dell Server BIOS Firmware (13G) - 2.13.0
CVE-2020-12360 Dell Server Versions prior to 3.6.1.1 3.6.1.1 Dell Server BIOS Firmware (13G) - 2.13.0
CVE-2021-21576 Dell Server
 
Versions prior to 3.3.10.1 3.3.10.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21576 Dell Server
 
Versions prior to 3.4.5.1 3.4.5.1
 
Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21576 Dell Server
 
Versions prior to 3.5.5.1 3.5.5.1
 
Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21576 Dell Server
 
Versions prior to 3.6.1.1 3.6.1.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21577 Dell Server
 
Versions prior to 3.3.10.1 3.3.10.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21577 Dell Server
 
Versions prior to 3.4.5.1 3.4.5.1
 
Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21577 Dell Server
 
Versions prior to 3.5.5.1 3.5.5.1
 
Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21577 Dell Server
 
Versions prior to 3.6.1.1 3.6.1.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21578 Dell Server
 
Versions prior to 3.3.10.1 3.3.10.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21578 Dell Server
 
Versions prior to 3.4.5.1 3.4.5.1
 
Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21578 Dell Server
 
Versions prior to 3.5.5.1 3.5.5.1
 
Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21578 Dell Server
 
Versions prior to 3.6.1.1 3.6.1.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21579 Dell Server
 
Versions prior to 3.3.10.1 3.3.10.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21579 Dell Server
 
Versions prior to 3.4.5.1 3.4.5.1
 
Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21579 Dell Server
 
Versions prior to 3.5.5.1 3.5.5.1
 
Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21579 Dell Server
 
Versions prior to 3.6.1.1 3.6.1.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21580 Dell Server
 
Versions prior to 3.3.10.1 3.3.10.1 Dell EMC iDRAC9 version 5.00.10.00 
Dell EMC iDRAC8 version 5.00.10.00 
CVE-2021-21580 Dell Server
 
Versions prior to 3.4.5.1 3.4.5.1
 
Dell EMC iDRAC9 version 5.00.10.00 
Dell EMC iDRAC8 version 2.81.81.81
CVE-2021-21580 Dell Server
 
Versions prior to 3.5.5.1 3.5.5.1
 
Dell EMC iDRAC9 version 5.00.10.00 
Dell EMC iDRAC8 version 2.81.81.81
CVE-2021-21580 Dell Server
 
Versions prior to 3.6.1.1 3.6.1.1 Dell EMC iDRAC9 version 5.00.10.00 
Dell EMC iDRAC8 version 2.81.81.81
CVE-2021-21581 Dell Server
 
Versions prior to 3.3.10.1 3.3.10.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21581 Dell Server
 
Versions prior to 3.4.5.1 3.4.5.1
 
Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21581 Dell Server
 
Versions prior to 3.5.5.1 3.5.5.1
 
Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21581 Dell Server
 
Versions prior to 3.6.1.1 3.6.1.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-36299 Dell Server
 
Versions prior to 3.3.10.1 3.3.10.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-36299 Dell Server
 
Versions prior to 3.4.5.1 3.4.5.1
 
Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-36299 Dell Server
 
Versions prior to 3.5.5.1 3.5.5.1
 
Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-36299 Dell Server
 
Versions prior to 3.6.1.1 3.6.1.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-20235 Dell Server
 
Versions prior to 3.3.10.1 3.3.10.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-20235 Dell Server
 
Versions prior to 3.4.5.1 3.4.5.1
 
Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-20235 Dell Server
 
Versions prior to 3.5.5.1 3.5.5.1
 
Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-20235 Dell Server
 
Versions prior to 3.6.1.1 3.6.1.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-36300 Dell Server
 
Versions prior to 3.3.10.1 3.3.10.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-36300 Dell Server
 
Versions prior to 3.4.5.1 3.4.5.1
 
Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-36300 Dell Server
 
Versions prior to 3.5.5.1 3.5.5.1
 
Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-36300 Dell Server
 
Versions prior to 3.6.1.1 3.6.1.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-36301 Dell Server
 
Versions prior to 3.3.10.1 3.3.10.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-36301 Dell Server
 
Versions prior to 3.4.5.1 3.4.5.1
 
Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-36301 Dell Server
 
Versions prior to 3.5.5.1 3.5.5.1
 
Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-36301 Dell Server Versions prior to 3.6.1.1 3.6.1.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-1999-0519 PowerFlex Manager Versions prior to 3.7.1 3.7.1 Build Number 3.7.1-7782
CVE-1999-0520 PowerFlex Manager Versions prior to 3.7.0 3.7.1 Build Number 3.7.1-7782
CVE-1999-0517 PowerFlex Manager Versions prior to 3.7.0 3.7.1 Build Number 3.7.1-7782

Links to update:
For RCM release information: https://cpsdocs.dellemc.com/rcm/#/home
For RCM download: https://vce.flexnetoperations.com

CVE(s) Addressed Component Affected Version(s) Updated Version(s) Fix package include in RCM
CVE-2021-21994 ESXi
 
Versions prior to 3.3.10.1 3.3.10.1 6.5 Update 3 Express Patch 24 (Build Number 18071574)
CVE-2021-21994 ESXi
 
Versions prior to 3.4.5.1 3.4.5.1 6.5 Update 3 Express Patch 24 (Build Number 18071574)
CVE-2021-21994 ESXi
 
Versions prior to 3.5.5.1 3.5.5.1 6.7 Update 3 Patch 05 (Build Number 17700523)
CVE-2021-21995 ESXi
 
Versions prior to 3.3.10.1 3.3.10.1 6.5 Update 3 Express Patch 24 (Build Number 18071574)
CVE-2021-21995 ESXi
 
Versions prior to 3.4.5.1 3.4.5.1 6.5 Update 3 Express Patch 24 (Build Number 18071574)
CVE-2021-21995 ESXi
 
Versions prior to 3.5.5.1 3.5.5.1 6.7 Update 3 Patch 05 (Build Number 17700523)
CVE-2021-22005 vCenter Server
 
Versions prior to 3.6.1.1 3.6.1.1 7.0 Update 2c (Build Number 18356314)
CVE-2021-21991 vCenter Server
 
Versions prior to 3.6.1.1 3.6.1.1 7.0 Update 2c (Build Number 18356314)
CVE-2021-21992 vCenter Server
 
Versions prior to 3.6.1.1 3.6.1.1 7.0 Update 2c (Build Number 18356314)
CVE-2021-21993 vCenter Server
 
Versions prior to 3.6.1.1 3.6.1.1 7.0 Update 2c (Build Number 18356314)
CVE-2021-22006 vCenter Server
 
Versions prior to 3.6.1.1 3.6.1.1 7.0 Update 2c (Build Number 18356314)
CVE-2021-22007 vCenter Server
 
Versions prior to 3.6.1.1 3.6.1.1 7.0 Update 2c (Build Number 18356314)
CVE-2021-22008 vCenter Server
 
Versions prior to 3.6.1.1 3.6.1.1 7.0 Update 2c (Build Number 18356314)
CVE-2021-22009 vCenter Server
 
Versions prior to 3.6.1.1 3.6.1.1 7.0 Update 2c (Build Number 18356314)
CVE-2021-22010 vCenter Server
 
Versions prior to 3.6.1.1 3.6.1.1 7.0 Update 2c (Build Number 18356314)
CVE-2021-22014 vCenter Server
 
Versions prior to 3.6.1.1 3.6.1.1 7.0 Update 2c (Build Number 18356314)
CVE-2021-22015 vCenter Server
 
Versions prior to 3.6.1.1 3.6.1.1 7.0 Update 2c (Build Number 18356314)
CVE-2021-22019 vCenter Server
 
Versions prior to 3.6.1.1 3.6.1.1 7.0 Update 2c (Build Number 18356314)
CVE-2021-22020 vCenter Server
 
Versions prior to 3.6.1.1 3.6.1.1 7.0 Update 2c (Build Number 18356314)
CVE-2020-12357 Dell Server
 
Versions prior to 3.3.10.1 3.3.10.1 Dell Server BIOS Firmware (13G) - 2.13.0
CVE-2020-12357 Dell Server
 
Versions prior to 3.4.5.1 3.4.5.1
 
Dell Server BIOS Firmware (13G) - 2.13.0
CVE-2020-12357 Dell Server
 
Versions prior to 3.5.5.1 3.5.5.1
 
Dell Server BIOS Firmware (13G) - 2.13.0
CVE-2020-12357 Dell Server Versions prior to 3.6.1.1 3.6.1.1 Dell Server BIOS Firmware (13G) - 2.13.0
CVE-2020-12360 Dell Server
 
Versions prior to 3.3.10.1 3.3.10.1 Dell Server BIOS Firmware (13G) - 2.13.0
CVE-2020-12360 Dell Server
 
Versions prior to 3.4.5.1 3.4.5.1
 
Dell Server BIOS Firmware (13G) - 2.13.0
CVE-2020-12360 Dell Server
 
Versions prior to 3.5.5.1 3.5.5.1
 
Dell Server BIOS Firmware (13G) - 2.13.0
CVE-2020-12360 Dell Server Versions prior to 3.6.1.1 3.6.1.1 Dell Server BIOS Firmware (13G) - 2.13.0
CVE-2021-21576 Dell Server
 
Versions prior to 3.3.10.1 3.3.10.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21576 Dell Server
 
Versions prior to 3.4.5.1 3.4.5.1
 
Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21576 Dell Server
 
Versions prior to 3.5.5.1 3.5.5.1
 
Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21576 Dell Server
 
Versions prior to 3.6.1.1 3.6.1.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21577 Dell Server
 
Versions prior to 3.3.10.1 3.3.10.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21577 Dell Server
 
Versions prior to 3.4.5.1 3.4.5.1
 
Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21577 Dell Server
 
Versions prior to 3.5.5.1 3.5.5.1
 
Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21577 Dell Server
 
Versions prior to 3.6.1.1 3.6.1.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21578 Dell Server
 
Versions prior to 3.3.10.1 3.3.10.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21578 Dell Server
 
Versions prior to 3.4.5.1 3.4.5.1
 
Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21578 Dell Server
 
Versions prior to 3.5.5.1 3.5.5.1
 
Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21578 Dell Server
 
Versions prior to 3.6.1.1 3.6.1.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21579 Dell Server
 
Versions prior to 3.3.10.1 3.3.10.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21579 Dell Server
 
Versions prior to 3.4.5.1 3.4.5.1
 
Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21579 Dell Server
 
Versions prior to 3.5.5.1 3.5.5.1
 
Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21579 Dell Server
 
Versions prior to 3.6.1.1 3.6.1.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21580 Dell Server
 
Versions prior to 3.3.10.1 3.3.10.1 Dell EMC iDRAC9 version 5.00.10.00 
Dell EMC iDRAC8 version 5.00.10.00 
CVE-2021-21580 Dell Server
 
Versions prior to 3.4.5.1 3.4.5.1
 
Dell EMC iDRAC9 version 5.00.10.00 
Dell EMC iDRAC8 version 2.81.81.81
CVE-2021-21580 Dell Server
 
Versions prior to 3.5.5.1 3.5.5.1
 
Dell EMC iDRAC9 version 5.00.10.00 
Dell EMC iDRAC8 version 2.81.81.81
CVE-2021-21580 Dell Server
 
Versions prior to 3.6.1.1 3.6.1.1 Dell EMC iDRAC9 version 5.00.10.00 
Dell EMC iDRAC8 version 2.81.81.81
CVE-2021-21581 Dell Server
 
Versions prior to 3.3.10.1 3.3.10.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21581 Dell Server
 
Versions prior to 3.4.5.1 3.4.5.1
 
Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21581 Dell Server
 
Versions prior to 3.5.5.1 3.5.5.1
 
Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21581 Dell Server
 
Versions prior to 3.6.1.1 3.6.1.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-36299 Dell Server
 
Versions prior to 3.3.10.1 3.3.10.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-36299 Dell Server
 
Versions prior to 3.4.5.1 3.4.5.1
 
Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-36299 Dell Server
 
Versions prior to 3.5.5.1 3.5.5.1
 
Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-36299 Dell Server
 
Versions prior to 3.6.1.1 3.6.1.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-20235 Dell Server
 
Versions prior to 3.3.10.1 3.3.10.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-20235 Dell Server
 
Versions prior to 3.4.5.1 3.4.5.1
 
Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-20235 Dell Server
 
Versions prior to 3.5.5.1 3.5.5.1
 
Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-20235 Dell Server
 
Versions prior to 3.6.1.1 3.6.1.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-36300 Dell Server
 
Versions prior to 3.3.10.1 3.3.10.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-36300 Dell Server
 
Versions prior to 3.4.5.1 3.4.5.1
 
Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-36300 Dell Server
 
Versions prior to 3.5.5.1 3.5.5.1
 
Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-36300 Dell Server
 
Versions prior to 3.6.1.1 3.6.1.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-36301 Dell Server
 
Versions prior to 3.3.10.1 3.3.10.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-36301 Dell Server
 
Versions prior to 3.4.5.1 3.4.5.1
 
Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-36301 Dell Server
 
Versions prior to 3.5.5.1 3.5.5.1
 
Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-36301 Dell Server Versions prior to 3.6.1.1 3.6.1.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-1999-0519 PowerFlex Manager Versions prior to 3.7.1 3.7.1 Build Number 3.7.1-7782
CVE-1999-0520 PowerFlex Manager Versions prior to 3.7.0 3.7.1 Build Number 3.7.1-7782
CVE-1999-0517 PowerFlex Manager Versions prior to 3.7.0 3.7.1 Build Number 3.7.1-7782

Links to update:
For RCM release information: https://cpsdocs.dellemc.com/rcm/#/home
For RCM download: https://vce.flexnetoperations.com

Workarounds and Mitigations

For CVE-2021-22005 under VMSA-2021-0020 (https://www.vmware.com/security/advisories/VMSA-2021-0020.html), refer to the following link for workarounds: https://kb.vmware.com/s/article/85717.

Revision History

RevisionDateDescription
1.02021-09-25Initial Release
2.02021-09-30Added VMware Security Advisory link, Workaround notes for vSphere 6.5 and 6.7, and Component CVSS Base Scores to Details section. Added Workaround links to Workarounds and Mitigations section. 

Related Information


Article Properties


Affected Product

PowerFlex rack, Product Security Information, PowerFlex Software

Last Published Date

30 Sep 2021

Article Type

Dell Security Advisory