DSA-2021-065: Dell PowerFlex rack Security Update for Multiple Third-Party Component Vulnerabilities
Resumen: Dell PowerFlex rack remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system.
Este artículo se aplica a
Este artículo no se aplica a
Este artículo no está vinculado a ningún producto específico.
No se identifican todas las versiones del producto en este artículo.
Impacto
Critical
Detalles
| Third-Party Component | CVE(s) | More information |
| vCenter Server | CVE-2021-21972 | https://www.vmware.com/security/advisories/VMSA-2021-0002.html |
| CVE-2021-21973 | ||
| VMware ESXi | CVE-2021-21974 | |
| Embedded OS | CVE-2020-14372 | Grub2 vulnerabilities: https://access.redhat.com/errata/RHSA-2021:0701?sc_cid=701600000006NHXAA2 |
| CVE-2020-25632 | ||
| CVE-2020-25647 | ||
| CVE-2020-27749 | ||
| CVE-2020-27779 | ||
| CVE-2021-20225 | ||
| CVE-2021-20233 | ||
| Cisco Nexus | CVE-2021-1361 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-3000-9000-fileaction-QtLzDRy2 |
| CVE-2020-1971 | https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvw93970 |
| Third-Party Component | CVE(s) | More information |
| vCenter Server | CVE-2021-21972 | https://www.vmware.com/security/advisories/VMSA-2021-0002.html |
| CVE-2021-21973 | ||
| VMware ESXi | CVE-2021-21974 | |
| Embedded OS | CVE-2020-14372 | Grub2 vulnerabilities: https://access.redhat.com/errata/RHSA-2021:0701?sc_cid=701600000006NHXAA2 |
| CVE-2020-25632 | ||
| CVE-2020-25647 | ||
| CVE-2020-27749 | ||
| CVE-2020-27779 | ||
| CVE-2021-20225 | ||
| CVE-2021-20233 | ||
| Cisco Nexus | CVE-2021-1361 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-3000-9000-fileaction-QtLzDRy2 |
| CVE-2020-1971 | https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvw93970 |
Corrección y productos afectados
| CVEs | Product | Affected RCM Versions | Updated RCM Versions | Link to Update |
| CVE-2021-1361 | PowerFlex rack | Versions prior to 3.3.9.2 Versions prior to 3.4.4.2 Versions prior to 3.5.4.2 |
3.3.9.2 3.4.4.2 3.5.4.2 |
For RCM release information: https://cpsdocs.dellemc.com/rcm/#/home. For RCM download: https://vce.flexnetoperations.com/control/vcec/product?plneID=740417 |
| CVE-2020-1971 | PowerFlex rack | Versions prior to 3.3.9.2 | Upgrade to RCM versions below. | |
| Versions prior to 3.4.4.2 Versions prior to 3.5.4.2 |
3.4.4.2 3.5.4.2 |
For RCM release information: https://cpsdocs.dellemc.com/rcm/#/home. For RCM download: https://vce.flexnetoperations.com/control/vcec/product?plneID=740417 |
||
| CVE-2021-21972 | PowerFlex rack | Versions prior to 3.3.9.2 Versions prior to 3.4.4.2 Versions prior to 3.5.4.2 |
3.3.9.2 3.4.4.2 3.5.4.2 |
For RCM release information: https://cpsdocs.dellemc.com/rcm/#/home. For RCM download: https://vce.flexnetoperations.com/control/vcec/product?plneID=740417 |
| CVE-2021-21973 | ||||
| CVE-2021-21974 | ||||
| CVE-2020-14372 | ||||
| CVE-2020-25632 | ||||
| CVE-2020-25647 | ||||
| CVE-2020-27749 | ||||
| CVE-2020-27779 | ||||
| CVE-2021-20225 | ||||
| CVE-2021-20233 |
| CVEs | Product | Affected RCM Versions | Updated RCM Versions | Link to Update |
| CVE-2021-1361 | PowerFlex rack | Versions prior to 3.3.9.2 Versions prior to 3.4.4.2 Versions prior to 3.5.4.2 |
3.3.9.2 3.4.4.2 3.5.4.2 |
For RCM release information: https://cpsdocs.dellemc.com/rcm/#/home. For RCM download: https://vce.flexnetoperations.com/control/vcec/product?plneID=740417 |
| CVE-2020-1971 | PowerFlex rack | Versions prior to 3.3.9.2 | Upgrade to RCM versions below. | |
| Versions prior to 3.4.4.2 Versions prior to 3.5.4.2 |
3.4.4.2 3.5.4.2 |
For RCM release information: https://cpsdocs.dellemc.com/rcm/#/home. For RCM download: https://vce.flexnetoperations.com/control/vcec/product?plneID=740417 |
||
| CVE-2021-21972 | PowerFlex rack | Versions prior to 3.3.9.2 Versions prior to 3.4.4.2 Versions prior to 3.5.4.2 |
3.3.9.2 3.4.4.2 3.5.4.2 |
For RCM release information: https://cpsdocs.dellemc.com/rcm/#/home. For RCM download: https://vce.flexnetoperations.com/control/vcec/product?plneID=740417 |
| CVE-2021-21973 | ||||
| CVE-2021-21974 | ||||
| CVE-2020-14372 | ||||
| CVE-2020-25632 | ||||
| CVE-2020-25647 | ||||
| CVE-2020-27749 | ||||
| CVE-2020-27779 | ||||
| CVE-2021-20225 | ||||
| CVE-2021-20233 |
Historial de revisiones
| Revision | Date | Description |
| 1.0 | 2021-3-30 | Initial Release |
Información relacionada
Descargo de responsabilidad
Productos afectados
PowerFlex rack, Product Security InformationProductos
PowerFlex SoftwarePropiedades del artículo
Número del artículo: 000184747
Tipo de artículo: Dell Security Advisory
Última modificación: 22 may 2021
Encuentre respuestas a sus preguntas de otros usuarios de Dell
Servicios de soporte
Compruebe si el dispositivo está cubierto por los servicios de soporte.