DSA-2022-034: Dell EMC ECS Security Update for Multiple iDRAC Vulnerabilities
Summary: Dell EMC ECS remediation is available for multiple security vulnerabilities that affect ECS which may be exploited by malicious users to compromise the affected system.
Impact
Medium
Details
| Component | CVEs | More information |
| Dell EMC iDRAC | CVE-2021-21576, CVE-2021-21577, CVE-2021-21578, CVE-2021-21579, CVE-2021-21580 | https://nvd.nist.gov/vuln/detail/CVE-2021-21576 https://nvd.nist.gov/vuln/detail/CVE-2021-21577 https://nvd.nist.gov/vuln/detail/CVE-2021-21578 https://nvd.nist.gov/vuln/detail/CVE-2021-21579 https://nvd.nist.gov/vuln/detail/CVE-2021-21580 See Dell KB Article 189193: DSA-2021-133: Dell iDRAC Security Update for Multiple Security Vulnerabilities. |
Affected Products & Remediation
| Product | Affected Version(s) | Updated Version(s) | Remediation |
| ECS Appliance Hardware Gen3 EX3000 | iDRAC 8 all versions below 2.80.80.80 | iDRAC 8 all versions 2.80.80.80 or 2.81.81.81 | Dell recommends all customers have their ECS systems upgraded at the earliest opportunity by opening an “Operating Environment Upgrade” Service Request. |
| ECS Appliance Hardware Gen3 EX300, ECS Appliance Hardware Gen3 EX500, ECS Appliance Hardware Gen3 EX5000, ECS Appliance Hardware Gen3 EXF900 | iDRAC 9 all versions below 4.40.40.00 | iDRAC 9 version 4.40.40.00 | Dell recommends all customers have their ECS systems upgraded at the earliest opportunity by opening an “Operating Environment Upgrade” Service Request. |
Q: Does upgrading iDRAC require a reboot or any downtime?
A: Upgrading iDRAC does not require downtime or a system reboot. Hardware monitoring (fan speed, voltages, etc.) is unavailable while the firmware is being installed.
Q: Who is responsible for upgrading the iDRAC firmware related to this DSA?
A: Upgrading the iDRAC firmware is performed as a scheduled activity by the ECS Remote Proactive team (RPS).
Q: How can I find my iDRAC firmware version?
A: A CLI command can be issued on a node to get the cluster iDRAC version.
# viprexec "sudo -i racadm getversion | grep iDRAC"
Q: How can I find my hardware version?
A: Go to ECS Solve > Replacement Procedures > How To Determine ECS Hardware Series.
# viprexec "sudo xdoctor -x"
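The version check from the Q&A above can be scripted against the fixed versions in the Affected Products & Remediation table. This is an added example, not Dell code: the function names are hypothetical, and the `Output from host : <ip>` header and `iDRAC Version = <x>` line layout are assumptions about what `viprexec` and `racadm getversion` print.

```shell
#!/bin/sh
# Added example (not Dell code): flag nodes below the fixed iDRAC versions in this advisory.

# Fixed versions per ECS Gen3 model, from the Affected Products & Remediation table.
fixed_version_for_model() {
    case "$1" in
        EX3000) echo "2.80.80.80" ;;                     # iDRAC 8
        EX300|EX500|EX5000|EXF900) echo "4.40.40.00" ;;  # iDRAC 9
        *) return 1 ;;
    esac
}

# Succeeds (exit 0) only if dotted version $1 is numerically lower than $2.
version_lt() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        n = split(a, x, "."); m = split(b, y, ".")
        for (i = 1; i <= (n > m ? n : m); i++) {
            if (x[i] + 0 < y[i] + 0) exit 0
            if (x[i] + 0 > y[i] + 0) exit 1
        }
        exit 1  # equal versions are not "lower"
    }' </dev/null
}

# Reads getversion output on stdin; prints "<host> <version> <AFFECTED|OK>" per node.
# Returns 1 if any node is affected, 2 for an unknown model.
check_idrac_versions() {
    fixed=$(fixed_version_for_model "$1") || { echo "unknown model: $1" >&2; return 2; }
    host=local rc=0
    while IFS= read -r line; do
        case "$line" in
            *"Output from host"*) host=${line##*: } ;;   # assumed viprexec header
            *"iDRAC Version"*)
                ver=$(printf '%s\n' "$line" | sed 's/.*=[[:space:]]*//; s/[[:space:]]*$//')
                if version_lt "$ver" "$fixed"; then
                    echo "$host $ver AFFECTED"; rc=1
                else
                    echo "$host $ver OK"
                fi ;;
        esac
    done
    return $rc
}

# Constructed sample input (layout assumed, not captured from a real cluster).
sample_viprexec_output() {
    printf '%s\n' 'Output from host : 169.254.1.1' ' iDRAC Version = 4.40.40.00' \
                  'Output from host : 169.254.1.2' ' iDRAC Version = 4.22.00.00'
}

sample_viprexec_output | check_idrac_versions EX500 || echo "upgrade needed"
```

On a cluster, the advisory's own command would feed the check in place of the sample, for example `viprexec "sudo -i racadm getversion | grep iDRAC" | check_idrac_versions EX500`, with the model taken from the hardware-series lookup.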
Workarounds & Mitigations
None.
Revision History
| Revision | Date | Description |
| 1.0 | 2022-04-24 | Initial Release |
| 2.0 | 2022-05-31 | Updated the Affected Products and Remediation. Added Q&A details to the Additional Info section. |
Affected Products
ECS, ECS Appliance Hardware Gen3 EX5000, ECS Appliance, ECS Appliance Gen 3, ECS Appliance Hardware Gen3 EX300, ECS Appliance Hardware Gen3 EX3000, ECS Appliance Hardware Gen3 EX500, ECS Appliance Hardware Gen3 EXF900, ECS Appliance Hardware Series, ECS Appliance Software with Encryption, ECS Appliance Software without Encryption, Product Security Information
...
Article Properties
Article Number: 000198814
Article Type: Dell Security Advisory
Last Modified: 03 Jun 2022