Skip to main content
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.

Article Number: 000199950


DSA-2022-130: Dell EMC Elastic Cloud Storage Security Update for Third-Party Vulnerabilities

Summary: Dell EMC Elastic Cloud Storage 3.6.2.3 contains remediation for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system.

Article Content


Impact

Critical

Details

Third-party Component CVE IDs Details
Aide CVE-2021-45417 https://www.suse.com/security/cve/CVE-2021-45417
Apache2 CVE-2021-44224 https://www.suse.com/security/cve/CVE-2021-44224
CVE-2021-44790 https://www.suse.com/security/cve/CVE-2021-44790
Avahi CVE-2021-3468 https://www.suse.com/security/cve/CVE-2021-3468
Binutils CVE-2019-12972 https://www.suse.com/security/cve/CVE-2019-12972
CVE-2019-14250 https://www.suse.com/security/cve/CVE-2019-14250
CVE-2019-14444 https://www.suse.com/security/cve/CVE-2019-14444
CVE-2019-17450 https://www.suse.com/security/cve/CVE-2019-17450
CVE-2019-17451 https://www.suse.com/security/cve/CVE-2019-17451
CVE-2019-9074 https://www.suse.com/security/cve/CVE-2019-9074
CVE-2019-9075 https://www.suse.com/security/cve/CVE-2019-9075
CVE-2019-9077 https://www.suse.com/security/cve/CVE-2019-9077
CVE-2020-16590 https://www.suse.com/security/cve/CVE-2020-16590
CVE-2020-16591 https://www.suse.com/security/cve/CVE-2020-16591
CVE-2020-16592 https://www.suse.com/security/cve/CVE-2020-16592
CVE-2020-16593 https://www.suse.com/security/cve/CVE-2020-16593
CVE-2020-16598 https://www.suse.com/security/cve/CVE-2020-16598
CVE-2020-16599 https://www.suse.com/security/cve/CVE-2020-16599
CVE-2020-35448 https://www.suse.com/security/cve/CVE-2020-35448
CVE-2020-35493 https://www.suse.com/security/cve/CVE-2020-35493
CVE-2020-35496 https://www.suse.com/security/cve/CVE-2020-35496
CVE-2020-35507 https://www.suse.com/security/cve/CVE-2020-35507
CVE-2021-20197 https://www.suse.com/security/cve/CVE-2021-20197
CVE-2021-20284 https://www.suse.com/security/cve/CVE-2021-20284
CVE-2021-20294 https://www.suse.com/security/cve/CVE-2021-20294
CVE-2021-3487 https://www.suse.com/security/cve/CVE-2021-3487
Expat CVE-2021-45960 https://www.suse.com/security/cve/CVE-2021-45960
CVE-2021-46143 https://www.suse.com/security/cve/CVE-2021-46143
CVE-2022-22822 https://www.suse.com/security/cve/CVE-2022-22822
CVE-2022-22823 https://www.suse.com/security/cve/CVE-2022-22823
CVE-2022-22824 https://www.suse.com/security/cve/CVE-2022-22824
CVE-2022-22825 https://www.suse.com/security/cve/CVE-2022-22825
CVE-2022-22826 https://www.suse.com/security/cve/CVE-2022-22826
CVE-2022-22827 https://www.suse.com/security/cve/CVE-2022-22827
Glibc CVE-2021-33574 https://www.suse.com/security/cve/CVE-2021-33574
kernel-default CVE-2018-13405 https://www.suse.com/security/cve/CVE-2018-13405
CVE-2018-9517 https://www.suse.com/security/cve/CVE-2018-9517
CVE-2019-3874 https://www.suse.com/security/cve/CVE-2019-3874
CVE-2019-3900 https://www.suse.com/security/cve/CVE-2019-3900
CVE-2020-0429 https://www.suse.com/security/cve/CVE-2020-0429
CVE-2020-12770 https://www.suse.com/security/cve/CVE-2020-12770
CVE-2020-24588 https://www.suse.com/security/cve/CVE-2020-24588
CVE-2020-26558 https://www.suse.com/security/cve/CVE-2020-26558
CVE-2020-36385 https://www.suse.com/security/cve/CVE-2020-36385
CVE-2020-36386 https://www.suse.com/security/cve/CVE-2020-36386
CVE-2020-3702 https://www.suse.com/security/cve/CVE-2020-3702
CVE-2021-0129 https://www.suse.com/security/cve/CVE-2021-0129
CVE-2021-0512 https://www.suse.com/security/cve/CVE-2021-0512
CVE-2021-0605 https://www.suse.com/security/cve/CVE-2021-0605
CVE-2021-0941 https://www.suse.com/security/cve/CVE-2021-0941
CVE-2021-20322 https://www.suse.com/security/cve/CVE-2021-20322
CVE-2021-22543 https://www.suse.com/security/cve/CVE-2021-22543
CVE-2021-22555 https://www.suse.com/security/cve/CVE-2021-22555
CVE-2021-31916 https://www.suse.com/security/cve/CVE-2021-31916
CVE-2021-33200 https://www.suse.com/security/cve/CVE-2021-33200
CVE-2021-33624 https://www.suse.com/security/cve/CVE-2021-33624
CVE-2021-33909 https://www.suse.com/security/cve/CVE-2021-33909
CVE-2021-34556 https://www.suse.com/security/cve/CVE-2021-34556
CVE-2021-34693 https://www.suse.com/security/cve/CVE-2021-34693
CVE-2021-34981 https://www.suse.com/security/cve/CVE-2021-34981
CVE-2021-3542 https://www.suse.com/security/cve/CVE-2021-3542
CVE-2021-35477 https://www.suse.com/security/cve/CVE-2021-35477
CVE-2021-3609 https://www.suse.com/security/cve/CVE-2021-3609
CVE-2021-3640 https://www.suse.com/security/cve/CVE-2021-3640
CVE-2021-3653 https://www.suse.com/security/cve/CVE-2021-3653
CVE-2021-3655 https://www.suse.com/security/cve/CVE-2021-3655
CVE-2021-3656 https://www.suse.com/security/cve/CVE-2021-3656
CVE-2021-3659 https://www.suse.com/security/cve/CVE-2021-3659
CVE-2021-3679 https://www.suse.com/security/cve/CVE-2021-3679
CVE-2021-3715 https://www.suse.com/security/cve/CVE-2021-3715
CVE-2021-37159 https://www.suse.com/security/cve/CVE-2021-37159
CVE-2021-3732 https://www.suse.com/security/cve/CVE-2021-3732
CVE-2021-3744 https://www.suse.com/security/cve/CVE-2021-3744
CVE-2021-3752 https://www.suse.com/security/cve/CVE-2021-3752
CVE-2021-3753 https://www.suse.com/security/cve/CVE-2021-3753
CVE-2021-37576 https://www.suse.com/security/cve/CVE-2021-37576
CVE-2021-3759 https://www.suse.com/security/cve/CVE-2021-3759
CVE-2021-3760 https://www.suse.com/security/cve/CVE-2021-3760
CVE-2021-3764 https://www.suse.com/security/cve/CVE-2021-3764
CVE-2021-3772 https://www.suse.com/security/cve/CVE-2021-3772
CVE-2021-38160 https://www.suse.com/security/cve/CVE-2021-38160
CVE-2021-38198 https://www.suse.com/security/cve/CVE-2021-38198
CVE-2021-38204 https://www.suse.com/security/cve/CVE-2021-38204
CVE-2021-40490 https://www.suse.com/security/cve/CVE-2021-40490
CVE-2021-41864 https://www.suse.com/security/cve/CVE-2021-41864
CVE-2021-42008 https://www.suse.com/security/cve/CVE-2021-42008
CVE-2021-42252 https://www.suse.com/security/cve/CVE-2021-42252
CVE-2021-42739 https://www.suse.com/security/cve/CVE-2021-42739
libpcre1 CVE-2017-6004 https://www.suse.com/security/cve/CVE-2017-6004
CVE-2017-7186 https://www.suse.com/security/cve/CVE-2017-7186
CVE-2017-7244 https://www.suse.com/security/cve/CVE-2017-7244
CVE-2017-7245 https://www.suse.com/security/cve/CVE-2017-7245
CVE-2017-7246 https://www.suse.com/security/cve/CVE-2017-7246
CVE-2019-20838 https://www.suse.com/security/cve/CVE-2019-20838
CVE-2020-14155 https://www.suse.com/security/cve/CVE-2020-14155
libsndfile1 CVE-2021-4156 https://www.suse.com/security/cve/CVE-2021-4156
libsystemd0 CVE-2021-33910 https://www.suse.com/security/cve/CVE-2021-33910
libxcb1 CVE-2020-14344 https://www.suse.com/security/cve/CVE-2020-14344
OpenSSH CVE-2020-14145 https://www.suse.com/security/cve/CVE-2020-14145
CVE-2021-41617 https://www.suse.com/security/cve/CVE-2021-41617
Oracle Java CVE-2022-21248 https://www.suse.com/security/cve/CVE-2022-21248
CVE-2022-21271 https://www.suse.com/security/cve/CVE-2022-21271
CVE-2022-21277 https://www.suse.com/security/cve/CVE-2022-21277
CVE-2022-21282 https://www.suse.com/security/cve/CVE-2022-21282
CVE-2022-21283 https://www.suse.com/security/cve/CVE-2022-21283
CVE-2022-21291 https://www.suse.com/security/cve/CVE-2022-21291
CVE-2022-21293 https://www.suse.com/security/cve/CVE-2022-21293
CVE-2022-21294 https://www.suse.com/security/cve/CVE-2022-21294
CVE-2022-21296 https://www.suse.com/security/cve/CVE-2022-21296
CVE-2022-21299 https://www.suse.com/security/cve/CVE-2022-21299
CVE-2022-21305 https://www.suse.com/security/cve/CVE-2022-21305
CVE-2022-21340 https://www.suse.com/security/cve/CVE-2022-21340
CVE-2022-21341 https://www.suse.com/security/cve/CVE-2022-21341
CVE-2022-21349 https://www.suse.com/security/cve/CVE-2022-21349
CVE-2022-21360 https://www.suse.com/security/cve/CVE-2022-21360
CVE-2022-21365 https://www.suse.com/security/cve/CVE-2022-21365
CVE-2022-21366 https://www.suse.com/security/cve/CVE-2022-21366
SNMP CVE-2020-15862 https://www.suse.com/security/cve/CVE-2020-15862
systemd CVE-2019-20386 https://www.suse.com/security/cve/CVE-2019-20386
CVE-2021-33910 https://www.suse.com/security/cve/CVE-2021-33910
unzip CVE-2018-18384 https://www.suse.com/security/cve/CVE-2018-18384
Third-party Component CVE IDs Details
Aide CVE-2021-45417 https://www.suse.com/security/cve/CVE-2021-45417
Apache2 CVE-2021-44224 https://www.suse.com/security/cve/CVE-2021-44224
CVE-2021-44790 https://www.suse.com/security/cve/CVE-2021-44790
Avahi CVE-2021-3468 https://www.suse.com/security/cve/CVE-2021-3468
Binutils CVE-2019-12972 https://www.suse.com/security/cve/CVE-2019-12972
CVE-2019-14250 https://www.suse.com/security/cve/CVE-2019-14250
CVE-2019-14444 https://www.suse.com/security/cve/CVE-2019-14444
CVE-2019-17450 https://www.suse.com/security/cve/CVE-2019-17450
CVE-2019-17451 https://www.suse.com/security/cve/CVE-2019-17451
CVE-2019-9074 https://www.suse.com/security/cve/CVE-2019-9074
CVE-2019-9075 https://www.suse.com/security/cve/CVE-2019-9075
CVE-2019-9077 https://www.suse.com/security/cve/CVE-2019-9077
CVE-2020-16590 https://www.suse.com/security/cve/CVE-2020-16590
CVE-2020-16591 https://www.suse.com/security/cve/CVE-2020-16591
CVE-2020-16592 https://www.suse.com/security/cve/CVE-2020-16592
CVE-2020-16593 https://www.suse.com/security/cve/CVE-2020-16593
CVE-2020-16598 https://www.suse.com/security/cve/CVE-2020-16598
CVE-2020-16599 https://www.suse.com/security/cve/CVE-2020-16599
CVE-2020-35448 https://www.suse.com/security/cve/CVE-2020-35448
CVE-2020-35493 https://www.suse.com/security/cve/CVE-2020-35493
CVE-2020-35496 https://www.suse.com/security/cve/CVE-2020-35496
CVE-2020-35507 https://www.suse.com/security/cve/CVE-2020-35507
CVE-2021-20197 https://www.suse.com/security/cve/CVE-2021-20197
CVE-2021-20284 https://www.suse.com/security/cve/CVE-2021-20284
CVE-2021-20294 https://www.suse.com/security/cve/CVE-2021-20294
CVE-2021-3487 https://www.suse.com/security/cve/CVE-2021-3487
Expat CVE-2021-45960 https://www.suse.com/security/cve/CVE-2021-45960
CVE-2021-46143 https://www.suse.com/security/cve/CVE-2021-46143
CVE-2022-22822 https://www.suse.com/security/cve/CVE-2022-22822
CVE-2022-22823 https://www.suse.com/security/cve/CVE-2022-22823
CVE-2022-22824 https://www.suse.com/security/cve/CVE-2022-22824
CVE-2022-22825 https://www.suse.com/security/cve/CVE-2022-22825
CVE-2022-22826 https://www.suse.com/security/cve/CVE-2022-22826
CVE-2022-22827 https://www.suse.com/security/cve/CVE-2022-22827
Glibc CVE-2021-33574 https://www.suse.com/security/cve/CVE-2021-33574
kernel-default CVE-2018-13405 https://www.suse.com/security/cve/CVE-2018-13405
CVE-2018-9517 https://www.suse.com/security/cve/CVE-2018-9517
CVE-2019-3874 https://www.suse.com/security/cve/CVE-2019-3874
CVE-2019-3900 https://www.suse.com/security/cve/CVE-2019-3900
CVE-2020-0429 https://www.suse.com/security/cve/CVE-2020-0429
CVE-2020-12770 https://www.suse.com/security/cve/CVE-2020-12770
CVE-2020-24588 https://www.suse.com/security/cve/CVE-2020-24588
CVE-2020-26558 https://www.suse.com/security/cve/CVE-2020-26558
CVE-2020-36385 https://www.suse.com/security/cve/CVE-2020-36385
CVE-2020-36386 https://www.suse.com/security/cve/CVE-2020-36386
CVE-2020-3702 https://www.suse.com/security/cve/CVE-2020-3702
CVE-2021-0129 https://www.suse.com/security/cve/CVE-2021-0129
CVE-2021-0512 https://www.suse.com/security/cve/CVE-2021-0512
CVE-2021-0605 https://www.suse.com/security/cve/CVE-2021-0605
CVE-2021-0941 https://www.suse.com/security/cve/CVE-2021-0941
CVE-2021-20322 https://www.suse.com/security/cve/CVE-2021-20322
CVE-2021-22543 https://www.suse.com/security/cve/CVE-2021-22543
CVE-2021-22555 https://www.suse.com/security/cve/CVE-2021-22555
CVE-2021-31916 https://www.suse.com/security/cve/CVE-2021-31916
CVE-2021-33200 https://www.suse.com/security/cve/CVE-2021-33200
CVE-2021-33624 https://www.suse.com/security/cve/CVE-2021-33624
CVE-2021-33909 https://www.suse.com/security/cve/CVE-2021-33909
CVE-2021-34556 https://www.suse.com/security/cve/CVE-2021-34556
CVE-2021-34693 https://www.suse.com/security/cve/CVE-2021-34693
CVE-2021-34981 https://www.suse.com/security/cve/CVE-2021-34981
CVE-2021-3542 https://www.suse.com/security/cve/CVE-2021-3542
CVE-2021-35477 https://www.suse.com/security/cve/CVE-2021-35477
CVE-2021-3609 https://www.suse.com/security/cve/CVE-2021-3609
CVE-2021-3640 https://www.suse.com/security/cve/CVE-2021-3640
CVE-2021-3653 https://www.suse.com/security/cve/CVE-2021-3653
CVE-2021-3655 https://www.suse.com/security/cve/CVE-2021-3655
CVE-2021-3656 https://www.suse.com/security/cve/CVE-2021-3656
CVE-2021-3659 https://www.suse.com/security/cve/CVE-2021-3659
CVE-2021-3679 https://www.suse.com/security/cve/CVE-2021-3679
CVE-2021-3715 https://www.suse.com/security/cve/CVE-2021-3715
CVE-2021-37159 https://www.suse.com/security/cve/CVE-2021-37159
CVE-2021-3732 https://www.suse.com/security/cve/CVE-2021-3732
CVE-2021-3744 https://www.suse.com/security/cve/CVE-2021-3744
CVE-2021-3752 https://www.suse.com/security/cve/CVE-2021-3752
CVE-2021-3753 https://www.suse.com/security/cve/CVE-2021-3753
CVE-2021-37576 https://www.suse.com/security/cve/CVE-2021-37576
CVE-2021-3759 https://www.suse.com/security/cve/CVE-2021-3759
CVE-2021-3760 https://www.suse.com/security/cve/CVE-2021-3760
CVE-2021-3764 https://www.suse.com/security/cve/CVE-2021-3764
CVE-2021-3772 https://www.suse.com/security/cve/CVE-2021-3772
CVE-2021-38160 https://www.suse.com/security/cve/CVE-2021-38160
CVE-2021-38198 https://www.suse.com/security/cve/CVE-2021-38198
CVE-2021-38204 https://www.suse.com/security/cve/CVE-2021-38204
CVE-2021-40490 https://www.suse.com/security/cve/CVE-2021-40490
CVE-2021-41864 https://www.suse.com/security/cve/CVE-2021-41864
CVE-2021-42008 https://www.suse.com/security/cve/CVE-2021-42008
CVE-2021-42252 https://www.suse.com/security/cve/CVE-2021-42252
CVE-2021-42739 https://www.suse.com/security/cve/CVE-2021-42739
libpcre1 CVE-2017-6004 https://www.suse.com/security/cve/CVE-2017-6004
CVE-2017-7186 https://www.suse.com/security/cve/CVE-2017-7186
CVE-2017-7244 https://www.suse.com/security/cve/CVE-2017-7244
CVE-2017-7245 https://www.suse.com/security/cve/CVE-2017-7245
CVE-2017-7246 https://www.suse.com/security/cve/CVE-2017-7246
CVE-2019-20838 https://www.suse.com/security/cve/CVE-2019-20838
CVE-2020-14155 https://www.suse.com/security/cve/CVE-2020-14155
libsndfile1 CVE-2021-4156 https://www.suse.com/security/cve/CVE-2021-4156
libsystemd0 CVE-2021-33910 https://www.suse.com/security/cve/CVE-2021-33910
libxcb1 CVE-2020-14344 https://www.suse.com/security/cve/CVE-2020-14344
OpenSSH CVE-2020-14145 https://www.suse.com/security/cve/CVE-2020-14145
CVE-2021-41617 https://www.suse.com/security/cve/CVE-2021-41617
Oracle Java CVE-2022-21248 https://www.suse.com/security/cve/CVE-2022-21248
CVE-2022-21271 https://www.suse.com/security/cve/CVE-2022-21271
CVE-2022-21277 https://www.suse.com/security/cve/CVE-2022-21277
CVE-2022-21282 https://www.suse.com/security/cve/CVE-2022-21282
CVE-2022-21283 https://www.suse.com/security/cve/CVE-2022-21283
CVE-2022-21291 https://www.suse.com/security/cve/CVE-2022-21291
CVE-2022-21293 https://www.suse.com/security/cve/CVE-2022-21293
CVE-2022-21294 https://www.suse.com/security/cve/CVE-2022-21294
CVE-2022-21296 https://www.suse.com/security/cve/CVE-2022-21296
CVE-2022-21299 https://www.suse.com/security/cve/CVE-2022-21299
CVE-2022-21305 https://www.suse.com/security/cve/CVE-2022-21305
CVE-2022-21340 https://www.suse.com/security/cve/CVE-2022-21340
CVE-2022-21341 https://www.suse.com/security/cve/CVE-2022-21341
CVE-2022-21349 https://www.suse.com/security/cve/CVE-2022-21349
CVE-2022-21360 https://www.suse.com/security/cve/CVE-2022-21360
CVE-2022-21365 https://www.suse.com/security/cve/CVE-2022-21365
CVE-2022-21366 https://www.suse.com/security/cve/CVE-2022-21366
SNMP CVE-2020-15862 https://www.suse.com/security/cve/CVE-2020-15862
systemd CVE-2019-20386 https://www.suse.com/security/cve/CVE-2019-20386
CVE-2021-33910 https://www.suse.com/security/cve/CVE-2021-33910
unzip CVE-2018-18384 https://www.suse.com/security/cve/CVE-2018-18384

Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products and Remediation

Product Affected Versions Updated Versions Remediation
Dell EMC Elastic Cloud Storage 3.1.x, 3.2.x, 3.3.x, 3.4.x, 3.5.x, and 3.6.x 3.6.2.3

Note: Some CVEs included in ECS 3.6.2.3 are planned to be addressed in a future release of ECS.

Dell recommends all customers have their ECS systems upgraded at the earliest opportunity by opening a “Operating Environment Upgrade” Service Request.
Product Affected Versions Updated Versions Remediation
Dell EMC Elastic Cloud Storage 3.1.x, 3.2.x, 3.3.x, 3.4.x, 3.5.x, and 3.6.x 3.6.2.3

Note: Some CVEs included in ECS 3.6.2.3 are planned to be addressed in a future release of ECS.

Dell recommends all customers have their ECS systems upgraded at the earliest opportunity by opening a “Operating Environment Upgrade” Service Request.
Revision History

RevisionDateDescription
1.02022-05-19Initial Release
1.12022-06-14Minor update to Affected Products and Remediation section. 

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide


Article Properties


Affected Product

ECS, ECS Appliance Hardware Gen3 EX5000, ECS Appliance, ECS Appliance Gen 2, ECS Appliance Gen 3, ECS Appliance Hardware Gen3 EX300, ECS Appliance Hardware Gen3 EX3000, ECS Appliance Hardware Gen2 C-Series, ECS Appliance Hardware Gen2 D-SeriesECS, ECS Appliance Hardware Gen3 EX5000, ECS Appliance, ECS Appliance Gen 2, ECS Appliance Gen 3, ECS Appliance Hardware Gen3 EX300, ECS Appliance Hardware Gen3 EX3000, ECS Appliance Hardware Gen2 C-Series, ECS Appliance Hardware Gen2 D-Series, ECS Appliance Hardware Gen2 U-Series, ECS Appliance Hardware Gen3 EX500, ECS Appliance Hardware Gen3 EXF900, ECS Appliance Hardware Series, ECS Appliance Software without Encryption, Elastic Cloud Storage, Product Security InformationSee more

Last Published Date

14 Jun 2022

Version

2

Article Type

Dell Security Advisory