DSA-2022-185: Dell xDoctor4ECS Security Update for Multiple Third-Party Vulnerabilities

Summary: Dell xDoctor4ECS-4.8-84.0 remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system.

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Impact

High

Details

Third-party Component CVE IDs Details
Commons I/O CVE-2021-29425 https://nvd.nist.gov/vuln/detail/CVE-2021-29425 This hyperlink is taking you to a website outside of Dell Technologies.

urllib3		 CVE-2021-33503 https://nvd.nist.gov/vuln/detail/CVE-2021-33503 This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2020-26137 https://nvd.nist.gov/vuln/detail/CVE-2020-26137 This hyperlink is taking you to a website outside of Dell Technologies.
Third-party Component CVE IDs Details
Commons I/O CVE-2021-29425 https://nvd.nist.gov/vuln/detail/CVE-2021-29425 This hyperlink is taking you to a website outside of Dell Technologies.

urllib3		 CVE-2021-33503 https://nvd.nist.gov/vuln/detail/CVE-2021-33503 This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2020-26137 https://nvd.nist.gov/vuln/detail/CVE-2020-26137 This hyperlink is taking you to a website outside of Dell Technologies.
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products & Remediation

Product Affected Versions Updated Versions Link to Update
Dell xDoctor4ECS xDoctor4ECS-4.8-80.0 and earlier versions xDoctor4ECS-4.8-84.0 Dell recommends all customers have their xDoctor4ECS upgrade to remediation mentioned security vulnerabilities Patch.

Dell xDoctor4ECS is customer upgradable. The upgrade instructions are in the release notes. If you require assistance upgrading Dell xDoctor4ECS, open a case with Customer Support.

Note: Dell xDoctor4ECS R81-R83 has the mitigation that is applied.
Product Affected Versions Updated Versions Link to Update
Dell xDoctor4ECS xDoctor4ECS-4.8-80.0 and earlier versions xDoctor4ECS-4.8-84.0 Dell recommends all customers have their xDoctor4ECS upgrade to remediation mentioned security vulnerabilities Patch.

Dell xDoctor4ECS is customer upgradable. The upgrade instructions are in the release notes. If you require assistance upgrading Dell xDoctor4ECS, open a case with Customer Support.

Note: Dell xDoctor4ECS R81-R83 has the mitigation that is applied.

Revision History

RevisionDateDescription
1.02022-07-12Initial Release

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Legal Disclaimer

Affected Products

ECS, ECS Appliance, ECS Appliance Gen 2, ECS Appliance Gen 3, ECS Appliance Hardware Gen1 U-Series, ECS Appliance Hardware Gen1 C-Series, ECS Appliance Hardware Gen2 C-Series, Product Security Information

Products

ECS Appliance Hardware Gen3 EX5000, ECS Appliance Hardware Gen3 EX300, ECS Appliance Hardware Gen3 EX3000, ECS Appliance Hardware Gen2 C-Series, ECS Appliance Hardware Gen2 D-Series, ECS Appliance Hardware Gen2 U-Series , ECS Appliance Hardware Gen3 EX500, ECS Appliance Hardware Gen3 EXF900, ECS Appliance Hardware Series, ECS Appliance Software without Encryption ...
Article Properties
Article Number: 000201429
Article Type: Dell Security Advisory
Last Modified: 14 Jun 2023
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.