DSA-2021-198: Dell EMC PowerFlex rack Security Update for Multiple Third-Party Component Vulnerabilities

Summary: Dell EMC PowerFlex rack remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system.

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Impact

Critical

Details

Component CVE(s) CVSS
score		 More information
VMware ESXi CVE-2021-21994 7.0 VMSA-2021-0014
CVE-2021-21995 5.3
vCenter Server CVE-2021-22005 9.8 VMSA-2021-0020
https://www.vmware.com/security/advisories/VMSA-2021-0020.html
Note:
  • This RCM release has fixes only for vSphere 7.0x.
  • Fixes for vSphere 6.5 and 6.7 will be in the future release.
  • See “Workaround” section at the end of this article.
CVE-2021-21991 4.3-8.8
CVE-2021-21992
CVE-2021-21993
CVE-2021-22006
CVE-2021-22007
CVE-2021-22008
CVE-2021-22009
CVE-2021-22010
CVE-2021-22014
CVE-2021-22015
CVE-2021-22019
CVE-2021-22020
Dell Server BIOS Firmware
 		 CVE-2020-12357 7.5 INTEL-SA-00463
CVE-2020-12360 5.6
iDRAC CVE-2021-21581 6.5 DSA-2021-133
DSA-2021-177
CVE-2021-21580 4.3
CVE-2021-21579 6.1
CVE-2021-21578 6.1
CVE-2021-21577 6.1
CVE-2021-21576 6.1
CVE-2021-36299 5.9
CVE-2021-36300 6.5
CVE-2021-36301 7.1
CVE-2021-20235 7.1
PowerFlex Manager CVE-1999-0519 7.5  
CVE-1999-0520 6.4
CVE-1999-0517 7.5
Component CVE(s) CVSS
score		 More information
VMware ESXi CVE-2021-21994 7.0 VMSA-2021-0014
CVE-2021-21995 5.3
vCenter Server CVE-2021-22005 9.8 VMSA-2021-0020
https://www.vmware.com/security/advisories/VMSA-2021-0020.html
Note:
  • This RCM release has fixes only for vSphere 7.0x.
  • Fixes for vSphere 6.5 and 6.7 will be in the future release.
  • See “Workaround” section at the end of this article.
CVE-2021-21991 4.3-8.8
CVE-2021-21992
CVE-2021-21993
CVE-2021-22006
CVE-2021-22007
CVE-2021-22008
CVE-2021-22009
CVE-2021-22010
CVE-2021-22014
CVE-2021-22015
CVE-2021-22019
CVE-2021-22020
Dell Server BIOS Firmware
 		 CVE-2020-12357 7.5 INTEL-SA-00463
CVE-2020-12360 5.6
iDRAC CVE-2021-21581 6.5 DSA-2021-133
DSA-2021-177
CVE-2021-21580 4.3
CVE-2021-21579 6.1
CVE-2021-21578 6.1
CVE-2021-21577 6.1
CVE-2021-21576 6.1
CVE-2021-36299 5.9
CVE-2021-36300 6.5
CVE-2021-36301 7.1
CVE-2021-20235 7.1
PowerFlex Manager CVE-1999-0519 7.5  
CVE-1999-0520 6.4
CVE-1999-0517 7.5
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products & Remediation

CVE(s) Addressed Component Affected Version(s) Updated Version(s) Fix package include in RCM
CVE-2021-21994 ESXi
 		 Versions prior to 3.3.10.1 3.3.10.1 6.5 Update 3 Express Patch 24 (Build Number 18071574)
CVE-2021-21994 ESXi
 		 Versions prior to 3.4.5.1 3.4.5.1 6.5 Update 3 Express Patch 24 (Build Number 18071574)
CVE-2021-21994 ESXi
 		 Versions prior to 3.5.5.1 3.5.5.1 6.7 Update 3 Patch 05 (Build Number 17700523)
CVE-2021-21995 ESXi
 		 Versions prior to 3.3.10.1 3.3.10.1 6.5 Update 3 Express Patch 24 (Build Number 18071574)
CVE-2021-21995 ESXi
 		 Versions prior to 3.4.5.1 3.4.5.1 6.5 Update 3 Express Patch 24 (Build Number 18071574)
CVE-2021-21995 ESXi
 		 Versions prior to 3.5.5.1 3.5.5.1 6.7 Update 3 Patch 05 (Build Number 17700523)
CVE-2021-22005 vCenter Server
 		 Versions prior to 3.6.1.1 3.6.1.1 7.0 Update 2c (Build Number 18356314)
CVE-2021-21991 vCenter Server
 		 Versions prior to 3.6.1.1 3.6.1.1 7.0 Update 2c (Build Number 18356314)
CVE-2021-21992 vCenter Server
 		 Versions prior to 3.6.1.1 3.6.1.1 7.0 Update 2c (Build Number 18356314)
CVE-2021-21993 vCenter Server
 		 Versions prior to 3.6.1.1 3.6.1.1 7.0 Update 2c (Build Number 18356314)
CVE-2021-22006 vCenter Server
 		 Versions prior to 3.6.1.1 3.6.1.1 7.0 Update 2c (Build Number 18356314)
CVE-2021-22007 vCenter Server
 		 Versions prior to 3.6.1.1 3.6.1.1 7.0 Update 2c (Build Number 18356314)
CVE-2021-22008 vCenter Server
 		 Versions prior to 3.6.1.1 3.6.1.1 7.0 Update 2c (Build Number 18356314)
CVE-2021-22009 vCenter Server
 		 Versions prior to 3.6.1.1 3.6.1.1 7.0 Update 2c (Build Number 18356314)
CVE-2021-22010 vCenter Server
 		 Versions prior to 3.6.1.1 3.6.1.1 7.0 Update 2c (Build Number 18356314)
CVE-2021-22014 vCenter Server
 		 Versions prior to 3.6.1.1 3.6.1.1 7.0 Update 2c (Build Number 18356314)
CVE-2021-22015 vCenter Server
 		 Versions prior to 3.6.1.1 3.6.1.1 7.0 Update 2c (Build Number 18356314)
CVE-2021-22019 vCenter Server
 		 Versions prior to 3.6.1.1 3.6.1.1 7.0 Update 2c (Build Number 18356314)
CVE-2021-22020 vCenter Server
 		 Versions prior to 3.6.1.1 3.6.1.1 7.0 Update 2c (Build Number 18356314)
CVE-2020-12357 Dell Server
 		 Versions prior to 3.3.10.1 3.3.10.1 Dell Server BIOS Firmware (13G) - 2.13.0
CVE-2020-12357 Dell Server
 		 Versions prior to 3.4.5.1 3.4.5.1
 		 Dell Server BIOS Firmware (13G) - 2.13.0
CVE-2020-12357 Dell Server
 		 Versions prior to 3.5.5.1 3.5.5.1
 		 Dell Server BIOS Firmware (13G) - 2.13.0
CVE-2020-12357 Dell Server Versions prior to 3.6.1.1 3.6.1.1 Dell Server BIOS Firmware (13G) - 2.13.0
CVE-2020-12360 Dell Server
 		 Versions prior to 3.3.10.1 3.3.10.1 Dell Server BIOS Firmware (13G) - 2.13.0
CVE-2020-12360 Dell Server
 		 Versions prior to 3.4.5.1 3.4.5.1
 		 Dell Server BIOS Firmware (13G) - 2.13.0
CVE-2020-12360 Dell Server
 		 Versions prior to 3.5.5.1 3.5.5.1
 		 Dell Server BIOS Firmware (13G) - 2.13.0
CVE-2020-12360 Dell Server Versions prior to 3.6.1.1 3.6.1.1 Dell Server BIOS Firmware (13G) - 2.13.0
CVE-2021-21576 Dell Server
 		 Versions prior to 3.3.10.1 3.3.10.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21576 Dell Server
 		 Versions prior to 3.4.5.1 3.4.5.1
 		 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21576 Dell Server
 		 Versions prior to 3.5.5.1 3.5.5.1
 		 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21576 Dell Server
 		 Versions prior to 3.6.1.1 3.6.1.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21577 Dell Server
 		 Versions prior to 3.3.10.1 3.3.10.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21577 Dell Server
 		 Versions prior to 3.4.5.1 3.4.5.1
 		 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21577 Dell Server
 		 Versions prior to 3.5.5.1 3.5.5.1
 		 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21577 Dell Server
 		 Versions prior to 3.6.1.1 3.6.1.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21578 Dell Server
 		 Versions prior to 3.3.10.1 3.3.10.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21578 Dell Server
 		 Versions prior to 3.4.5.1 3.4.5.1
 		 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21578 Dell Server
 		 Versions prior to 3.5.5.1 3.5.5.1
 		 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21578 Dell Server
 		 Versions prior to 3.6.1.1 3.6.1.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21579 Dell Server
 		 Versions prior to 3.3.10.1 3.3.10.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21579 Dell Server
 		 Versions prior to 3.4.5.1 3.4.5.1
 		 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21579 Dell Server
 		 Versions prior to 3.5.5.1 3.5.5.1
 		 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21579 Dell Server
 		 Versions prior to 3.6.1.1 3.6.1.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21580 Dell Server
 		 Versions prior to 3.3.10.1 3.3.10.1 Dell EMC iDRAC9 version 5.00.10.00 
Dell EMC iDRAC8 version 5.00.10.00 
CVE-2021-21580 Dell Server
 		 Versions prior to 3.4.5.1 3.4.5.1
 		 Dell EMC iDRAC9 version 5.00.10.00 
Dell EMC iDRAC8 version 2.81.81.81
CVE-2021-21580 Dell Server
 		 Versions prior to 3.5.5.1 3.5.5.1
 		 Dell EMC iDRAC9 version 5.00.10.00 
Dell EMC iDRAC8 version 2.81.81.81
CVE-2021-21580 Dell Server
 		 Versions prior to 3.6.1.1 3.6.1.1 Dell EMC iDRAC9 version 5.00.10.00 
Dell EMC iDRAC8 version 2.81.81.81
CVE-2021-21581 Dell Server
 		 Versions prior to 3.3.10.1 3.3.10.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21581 Dell Server
 		 Versions prior to 3.4.5.1 3.4.5.1
 		 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21581 Dell Server
 		 Versions prior to 3.5.5.1 3.5.5.1
 		 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21581 Dell Server
 		 Versions prior to 3.6.1.1 3.6.1.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-36299 Dell Server
 		 Versions prior to 3.3.10.1 3.3.10.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-36299 Dell Server
 		 Versions prior to 3.4.5.1 3.4.5.1
 		 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-36299 Dell Server
 		 Versions prior to 3.5.5.1 3.5.5.1
 		 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-36299 Dell Server
 		 Versions prior to 3.6.1.1 3.6.1.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-20235 Dell Server
 		 Versions prior to 3.3.10.1 3.3.10.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-20235 Dell Server
 		 Versions prior to 3.4.5.1 3.4.5.1
 		 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-20235 Dell Server
 		 Versions prior to 3.5.5.1 3.5.5.1
 		 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-20235 Dell Server
 		 Versions prior to 3.6.1.1 3.6.1.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-36300 Dell Server
 		 Versions prior to 3.3.10.1 3.3.10.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-36300 Dell Server
 		 Versions prior to 3.4.5.1 3.4.5.1
 		 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-36300 Dell Server
 		 Versions prior to 3.5.5.1 3.5.5.1
 		 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-36300 Dell Server
 		 Versions prior to 3.6.1.1 3.6.1.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-36301 Dell Server
 		 Versions prior to 3.3.10.1 3.3.10.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-36301 Dell Server
 		 Versions prior to 3.4.5.1 3.4.5.1
 		 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-36301 Dell Server
 		 Versions prior to 3.5.5.1 3.5.5.1
 		 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-36301 Dell Server Versions prior to 3.6.1.1 3.6.1.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-1999-0519 PowerFlex Manager Versions prior to 3.7.1 3.7.1 Build Number 3.7.1-7782
CVE-1999-0520 PowerFlex Manager Versions prior to 3.7.0 3.7.1 Build Number 3.7.1-7782
CVE-1999-0517 PowerFlex Manager Versions prior to 3.7.0 3.7.1 Build Number 3.7.1-7782

Links to update:
For RCM release information: https://cpsdocs.dellemc.com/rcm/#/home
For RCM download: https://vce.flexnetoperations.com

CVE(s) Addressed Component Affected Version(s) Updated Version(s) Fix package include in RCM
CVE-2021-21994 ESXi
 		 Versions prior to 3.3.10.1 3.3.10.1 6.5 Update 3 Express Patch 24 (Build Number 18071574)
CVE-2021-21994 ESXi
 		 Versions prior to 3.4.5.1 3.4.5.1 6.5 Update 3 Express Patch 24 (Build Number 18071574)
CVE-2021-21994 ESXi
 		 Versions prior to 3.5.5.1 3.5.5.1 6.7 Update 3 Patch 05 (Build Number 17700523)
CVE-2021-21995 ESXi
 		 Versions prior to 3.3.10.1 3.3.10.1 6.5 Update 3 Express Patch 24 (Build Number 18071574)
CVE-2021-21995 ESXi
 		 Versions prior to 3.4.5.1 3.4.5.1 6.5 Update 3 Express Patch 24 (Build Number 18071574)
CVE-2021-21995 ESXi
 		 Versions prior to 3.5.5.1 3.5.5.1 6.7 Update 3 Patch 05 (Build Number 17700523)
CVE-2021-22005 vCenter Server
 		 Versions prior to 3.6.1.1 3.6.1.1 7.0 Update 2c (Build Number 18356314)
CVE-2021-21991 vCenter Server
 		 Versions prior to 3.6.1.1 3.6.1.1 7.0 Update 2c (Build Number 18356314)
CVE-2021-21992 vCenter Server
 		 Versions prior to 3.6.1.1 3.6.1.1 7.0 Update 2c (Build Number 18356314)
CVE-2021-21993 vCenter Server
 		 Versions prior to 3.6.1.1 3.6.1.1 7.0 Update 2c (Build Number 18356314)
CVE-2021-22006 vCenter Server
 		 Versions prior to 3.6.1.1 3.6.1.1 7.0 Update 2c (Build Number 18356314)
CVE-2021-22007 vCenter Server
 		 Versions prior to 3.6.1.1 3.6.1.1 7.0 Update 2c (Build Number 18356314)
CVE-2021-22008 vCenter Server
 		 Versions prior to 3.6.1.1 3.6.1.1 7.0 Update 2c (Build Number 18356314)
CVE-2021-22009 vCenter Server
 		 Versions prior to 3.6.1.1 3.6.1.1 7.0 Update 2c (Build Number 18356314)
CVE-2021-22010 vCenter Server
 		 Versions prior to 3.6.1.1 3.6.1.1 7.0 Update 2c (Build Number 18356314)
CVE-2021-22014 vCenter Server
 		 Versions prior to 3.6.1.1 3.6.1.1 7.0 Update 2c (Build Number 18356314)
CVE-2021-22015 vCenter Server
 		 Versions prior to 3.6.1.1 3.6.1.1 7.0 Update 2c (Build Number 18356314)
CVE-2021-22019 vCenter Server
 		 Versions prior to 3.6.1.1 3.6.1.1 7.0 Update 2c (Build Number 18356314)
CVE-2021-22020 vCenter Server
 		 Versions prior to 3.6.1.1 3.6.1.1 7.0 Update 2c (Build Number 18356314)
CVE-2020-12357 Dell Server
 		 Versions prior to 3.3.10.1 3.3.10.1 Dell Server BIOS Firmware (13G) - 2.13.0
CVE-2020-12357 Dell Server
 		 Versions prior to 3.4.5.1 3.4.5.1
 		 Dell Server BIOS Firmware (13G) - 2.13.0
CVE-2020-12357 Dell Server
 		 Versions prior to 3.5.5.1 3.5.5.1
 		 Dell Server BIOS Firmware (13G) - 2.13.0
CVE-2020-12357 Dell Server Versions prior to 3.6.1.1 3.6.1.1 Dell Server BIOS Firmware (13G) - 2.13.0
CVE-2020-12360 Dell Server
 		 Versions prior to 3.3.10.1 3.3.10.1 Dell Server BIOS Firmware (13G) - 2.13.0
CVE-2020-12360 Dell Server
 		 Versions prior to 3.4.5.1 3.4.5.1
 		 Dell Server BIOS Firmware (13G) - 2.13.0
CVE-2020-12360 Dell Server
 		 Versions prior to 3.5.5.1 3.5.5.1
 		 Dell Server BIOS Firmware (13G) - 2.13.0
CVE-2020-12360 Dell Server Versions prior to 3.6.1.1 3.6.1.1 Dell Server BIOS Firmware (13G) - 2.13.0
CVE-2021-21576 Dell Server
 		 Versions prior to 3.3.10.1 3.3.10.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21576 Dell Server
 		 Versions prior to 3.4.5.1 3.4.5.1
 		 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21576 Dell Server
 		 Versions prior to 3.5.5.1 3.5.5.1
 		 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21576 Dell Server
 		 Versions prior to 3.6.1.1 3.6.1.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21577 Dell Server
 		 Versions prior to 3.3.10.1 3.3.10.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21577 Dell Server
 		 Versions prior to 3.4.5.1 3.4.5.1
 		 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21577 Dell Server
 		 Versions prior to 3.5.5.1 3.5.5.1
 		 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21577 Dell Server
 		 Versions prior to 3.6.1.1 3.6.1.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21578 Dell Server
 		 Versions prior to 3.3.10.1 3.3.10.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21578 Dell Server
 		 Versions prior to 3.4.5.1 3.4.5.1
 		 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21578 Dell Server
 		 Versions prior to 3.5.5.1 3.5.5.1
 		 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21578 Dell Server
 		 Versions prior to 3.6.1.1 3.6.1.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21579 Dell Server
 		 Versions prior to 3.3.10.1 3.3.10.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21579 Dell Server
 		 Versions prior to 3.4.5.1 3.4.5.1
 		 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21579 Dell Server
 		 Versions prior to 3.5.5.1 3.5.5.1
 		 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21579 Dell Server
 		 Versions prior to 3.6.1.1 3.6.1.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21580 Dell Server
 		 Versions prior to 3.3.10.1 3.3.10.1 Dell EMC iDRAC9 version 5.00.10.00 
Dell EMC iDRAC8 version 5.00.10.00 
CVE-2021-21580 Dell Server
 		 Versions prior to 3.4.5.1 3.4.5.1
 		 Dell EMC iDRAC9 version 5.00.10.00 
Dell EMC iDRAC8 version 2.81.81.81
CVE-2021-21580 Dell Server
 		 Versions prior to 3.5.5.1 3.5.5.1
 		 Dell EMC iDRAC9 version 5.00.10.00 
Dell EMC iDRAC8 version 2.81.81.81
CVE-2021-21580 Dell Server
 		 Versions prior to 3.6.1.1 3.6.1.1 Dell EMC iDRAC9 version 5.00.10.00 
Dell EMC iDRAC8 version 2.81.81.81
CVE-2021-21581 Dell Server
 		 Versions prior to 3.3.10.1 3.3.10.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21581 Dell Server
 		 Versions prior to 3.4.5.1 3.4.5.1
 		 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21581 Dell Server
 		 Versions prior to 3.5.5.1 3.5.5.1
 		 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-21581 Dell Server
 		 Versions prior to 3.6.1.1 3.6.1.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-36299 Dell Server
 		 Versions prior to 3.3.10.1 3.3.10.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-36299 Dell Server
 		 Versions prior to 3.4.5.1 3.4.5.1
 		 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-36299 Dell Server
 		 Versions prior to 3.5.5.1 3.5.5.1
 		 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-36299 Dell Server
 		 Versions prior to 3.6.1.1 3.6.1.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-20235 Dell Server
 		 Versions prior to 3.3.10.1 3.3.10.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-20235 Dell Server
 		 Versions prior to 3.4.5.1 3.4.5.1
 		 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-20235 Dell Server
 		 Versions prior to 3.5.5.1 3.5.5.1
 		 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-20235 Dell Server
 		 Versions prior to 3.6.1.1 3.6.1.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-36300 Dell Server
 		 Versions prior to 3.3.10.1 3.3.10.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-36300 Dell Server
 		 Versions prior to 3.4.5.1 3.4.5.1
 		 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-36300 Dell Server
 		 Versions prior to 3.5.5.1 3.5.5.1
 		 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-36300 Dell Server
 		 Versions prior to 3.6.1.1 3.6.1.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-36301 Dell Server
 		 Versions prior to 3.3.10.1 3.3.10.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-36301 Dell Server
 		 Versions prior to 3.4.5.1 3.4.5.1
 		 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-36301 Dell Server
 		 Versions prior to 3.5.5.1 3.5.5.1
 		 Dell EMC iDRAC9 version 5.00.10.00 
CVE-2021-36301 Dell Server Versions prior to 3.6.1.1 3.6.1.1 Dell EMC iDRAC9 version 5.00.10.00 
CVE-1999-0519 PowerFlex Manager Versions prior to 3.7.1 3.7.1 Build Number 3.7.1-7782
CVE-1999-0520 PowerFlex Manager Versions prior to 3.7.0 3.7.1 Build Number 3.7.1-7782
CVE-1999-0517 PowerFlex Manager Versions prior to 3.7.0 3.7.1 Build Number 3.7.1-7782

Links to update:
For RCM release information: https://cpsdocs.dellemc.com/rcm/#/home
For RCM download: https://vce.flexnetoperations.com

Workarounds & Mitigations

For CVE-2021-22005 under VMSA-2021-0020 (https://www.vmware.com/security/advisories/VMSA-2021-0020.html), refer to the following link for workarounds: https://kb.vmware.com/s/article/85717.

Revision History

RevisionDateDescription
1.02021-09-25Initial Release
2.02021-09-30Added VMware Security Advisory link, Workaround notes for vSphere 6.5 and 6.7, and Component CVSS Base Scores to Details section. Added Workaround links to Workarounds and Mitigations section. 

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Legal Disclaimer

Affected Products

PowerFlex rack, Product Security Information, PowerFlex Software
Article Properties
Article Number: 000191881
Article Type: Dell Security Advisory
Last Modified: 30 Sep 2021
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.