DSA-2020-179: Dell EMC Data Domain Security Update for OpenSSL Vulnerabilities

Resumen: The OpenSSL component within Dell EMC Data Domain requires a security update to address various vulnerabilities.

Este artículo se aplica a Este artículo no se aplica a Este artículo no está vinculado a ningún producto específico. No se identifican todas las versiones del producto en este artículo.
Consulte estos recursos

Impacto

Medium

Detalles

Third-party Component CVE(s) More information
OpenSSL CVE-2019-1547 See NVD (http://nvd.nist.gov/) for individual scores for each CVE.
CVE-2019-1551
CVE-2019-1563
CVE-2019-1552

Data Domain upgraded to OpenSSL 1.0.2u to mitigate the above CVEs.

For more information about any of the Common Vulnerabilities and Exposures (CVEs) mentioned here, consult the National Vulnerability Database (NVD) at http://nvd.nist.gov/home.cfm.  

To search for a particular CVE, use the database s search utility at http://web.nvd.nist.gov/view/vuln/search.
Third-party Component CVE(s) More information
OpenSSL CVE-2019-1547 See NVD (http://nvd.nist.gov/) for individual scores for each CVE.
CVE-2019-1551
CVE-2019-1563
CVE-2019-1552

Data Domain upgraded to OpenSSL 1.0.2u to mitigate the above CVEs.

For more information about any of the Common Vulnerabilities and Exposures (CVEs) mentioned here, consult the National Vulnerability Database (NVD) at http://nvd.nist.gov/home.cfm.  

To search for a particular CVE, use the database s search utility at http://web.nvd.nist.gov/view/vuln/search.
Dell Technologies recomienda que todos los clientes tengan en cuenta tanto la puntuación base como cualquier otra puntuación ambiental y temporal relevante que pueda afectar la posible gravedad asociada con la vulnerabilidad de seguridad en particular.

Corrección y productos afectados

Affected products:     
All Data Domain physical and virtual models
Dell EMC Data Domain OS versions prior to DDOS 6.0.2.9
Dell EMC Data Domain OS versions prior to DDOS 6.1.2.70
Dell EMC Data Domain OS versions prior to DDOS 6.2.1.0
Dell EMC Data Domain OS versions prior to DDOS 7.0.0.20


Remediation:   
The following Dell EMC Data Domain releases address these vulnerabilities:     

  • Dell EMC Data Domain OS versions DDOS 6.1.2.70 and later

  • Dell EMC Data Domain OS versions DDOS 6.2.1.0 and later

  • Dell EMC Data Domain OS versions DDOS 7.0.0.20 and later

Dell EMC recommends all customers upgrade at the earliest opportunity.


Affected products:     
All Data Domain physical and virtual models
Dell EMC Data Domain OS versions prior to DDOS 6.0.2.9
Dell EMC Data Domain OS versions prior to DDOS 6.1.2.70
Dell EMC Data Domain OS versions prior to DDOS 6.2.1.0
Dell EMC Data Domain OS versions prior to DDOS 7.0.0.20


Remediation:   
The following Dell EMC Data Domain releases address these vulnerabilities:     

  • Dell EMC Data Domain OS versions DDOS 6.1.2.70 and later

  • Dell EMC Data Domain OS versions DDOS 6.2.1.0 and later

  • Dell EMC Data Domain OS versions DDOS 7.0.0.20 and later

Dell EMC recommends all customers upgrade at the earliest opportunity.


Soluciones alternativas y mitigaciones

None

Información relacionada

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Descargo de responsabilidad

Productos afectados

Data Domain, Data Domain, Data Domain Boost – File System, Data Domain Boost - Open Storage, Data Domain Deduplication Storage Systems, DD Boost for Enterprise Applications, DD OS, DD OS 4.9, PowerProtect Data Domain Management Center

Productos

DD OS 6.2, DD OS 5.0, DD OS 5.1, DD OS 5.2, DD OS 5.3, DD OS 5.4, DD OS 5.5, DD OS 5.6, DD OS 6.0, DD OS 6.1, DD OS 7.0, DD OS 7.1, DD OS 7.2, DD OS Licensed Features, DD OS Previous Versions, Product Security Information
Propiedades del artículo
Número del artículo: 000001712
Tipo de artículo: Dell Security Advisory
Última modificación: 19 sept 2025
Encuentre respuestas a sus preguntas de otros usuarios de Dell
Servicios de soporte
Compruebe si el dispositivo está cubierto por los servicios de soporte.