DSA-2020-218: Dell EMC Data Protection Central Security Update for Multiple Third-Party Component Vulnerabilities

Este artículo se aplica a Este artículo no se aplica a Este artículo no está vinculado a ningún producto específico. No se identifican todas las versiones del producto en este artículo.
Consulte estos recursos

Impacto

Critical

Detalles

Multiple components within Dell EMC Data Protection Central require a security update to address various vulnerabilities. 

Third-party Component CVE(s) More Information
libxerces-c-3_1=3.1.1-13.3.6 CVE-2017-12627 See NVD (http://nvd.nist.gov/) for individual scores for each CVE.
 
libX11-6=1.6.2-12.12.1
libX11-data=1.6.2-12.12.1		 CVE-2018-14598
CVE-2018-14599
CVE-2018-14600
CVE-2020-14344
bind-libs=9.9.9P1-63.17.1
bind-utils=9.9.9P1-63.17.1		 CVE-2018-5741
CVE-2020-8616
CVE-2020-8617
ntp= 4.2.8p15-88.1 CVE-2018-8956
CVE-2020-13817
CVE-2020-15025
CVE-2020-11868
libgcc_s1= 9.2.1+r275327-1.3.9
libstdc++6= 9.2.1+r275327-1.3.9
libstdc++6= 9.3.1+git1296-1.7.2		 CVE-2019-14250
CVE-2019-15847
kernel-default=4.4.121-92.138.1 CVE-2019-20810
CVE-2019-20812
CVE-2020-0305
CVE-2020-10135
CVE-2020-10711
CVE-2020-10751
CVE-2020-10766
CVE-2020-10767
CVE-2020-10768
CVE-2020-10773
CVE-2020-12771
CVE-2020-13974
CVE-2020-14416
grub2=2.02~beta2-115.52.1
grub2-i386-pc=2.02~beta2-115.52.1
grub2-snapper-plugin=2.02~beta2-115.52.1
grub2-systemd-sleep-plugin=2.02~beta2-115.52.1		 CVE-2020-10713
CVE-2020-14308
CVE-2020-15705
CVE-2020-15706
CVE-2020-15707
libfreebl3=3.53.1-58.48.1
libsoftokn3=3.53.1-58.48.1
mozilla-nss=3.53.1-58.48.1
mozilla-nss-certs=3.53.1-58.48.1		 CVE-2020-12399
CVE-2020-12402
libxslt-tools
libxslt1		 CVE-2019-11068
CVE-2019-13117
CVE-2019-13118
CVE-2019-18197
openldap2=2.4.41-18.71.2 CVE-2015-1545
CVE-2015-1546
CVE-2015-6908
CVE-2017-17740
CVE-2019-13057
CVE-2017-17740
CVE-2019-13565
CVE-2020-12243
CVE-2020-8023

For more information about any of the Common Vulnerabilities and Exposures (CVEs) mentioned here, consult the National Vulnerability Database (NVD) at http://nvd.nist.gov/home.cfm.  

To search for a particular CVE, use the database s search utility at http://web.nvd.nist.gov/view/vuln/search.
Third-party Component CVE(s) More Information
libxerces-c-3_1=3.1.1-13.3.6 CVE-2017-12627 See NVD (http://nvd.nist.gov/) for individual scores for each CVE.
 
libX11-6=1.6.2-12.12.1
libX11-data=1.6.2-12.12.1		 CVE-2018-14598
CVE-2018-14599
CVE-2018-14600
CVE-2020-14344
bind-libs=9.9.9P1-63.17.1
bind-utils=9.9.9P1-63.17.1		 CVE-2018-5741
CVE-2020-8616
CVE-2020-8617
ntp= 4.2.8p15-88.1 CVE-2018-8956
CVE-2020-13817
CVE-2020-15025
CVE-2020-11868
libgcc_s1= 9.2.1+r275327-1.3.9
libstdc++6= 9.2.1+r275327-1.3.9
libstdc++6= 9.3.1+git1296-1.7.2		 CVE-2019-14250
CVE-2019-15847
kernel-default=4.4.121-92.138.1 CVE-2019-20810
CVE-2019-20812
CVE-2020-0305
CVE-2020-10135
CVE-2020-10711
CVE-2020-10751
CVE-2020-10766
CVE-2020-10767
CVE-2020-10768
CVE-2020-10773
CVE-2020-12771
CVE-2020-13974
CVE-2020-14416
grub2=2.02~beta2-115.52.1
grub2-i386-pc=2.02~beta2-115.52.1
grub2-snapper-plugin=2.02~beta2-115.52.1
grub2-systemd-sleep-plugin=2.02~beta2-115.52.1		 CVE-2020-10713
CVE-2020-14308
CVE-2020-15705
CVE-2020-15706
CVE-2020-15707
libfreebl3=3.53.1-58.48.1
libsoftokn3=3.53.1-58.48.1
mozilla-nss=3.53.1-58.48.1
mozilla-nss-certs=3.53.1-58.48.1		 CVE-2020-12399
CVE-2020-12402
libxslt-tools
libxslt1		 CVE-2019-11068
CVE-2019-13117
CVE-2019-13118
CVE-2019-18197
openldap2=2.4.41-18.71.2 CVE-2015-1545
CVE-2015-1546
CVE-2015-6908
CVE-2017-17740
CVE-2019-13057
CVE-2017-17740
CVE-2019-13565
CVE-2020-12243
CVE-2020-8023

For more information about any of the Common Vulnerabilities and Exposures (CVEs) mentioned here, consult the National Vulnerability Database (NVD) at http://nvd.nist.gov/home.cfm.  

To search for a particular CVE, use the database s search utility at http://web.nvd.nist.gov/view/vuln/search.
Dell Technologies recomienda que todos los clientes tengan en cuenta tanto la puntuación base como cualquier otra puntuación ambiental y temporal relevante que pueda afectar la posible gravedad asociada con la vulnerabilidad de seguridad en particular.

Corrección y productos afectados

Affected products:     
Dell EMC Data Protection Central versions 1.0.0, 1.0.1, 18.1, 18.2, 19.1, 19.2, and 19.3
Dell EMC IDPA System Manager version 18.1, 18.2, and 19.2
Dell EMC Integrated Data Protection Appliance (IDPA) version 2.6


Remediation:     
Dell EMC creates and distributes the Data Protection Central OS Update. These DPC OS Updates contain security patches from third party components for the Data Protection Central system. See Data Protection Central OS Update Release Notes for more information.

Apply the Data Protection Central OS Update to all Data Protection Central systems installed via DPC OVA deployment; DPC systems installed without use of the DPC OVA are not updated by the DPC OS Update procedure.

To upgrade your Dell EMC Data Protection Central system, see KB article 522157: Data Protection Central: How to Install the Data Protection Central OS Update for installation instructions.  (Only registered Dell Customers can access the content on the article link via Dell.com/support)

Dell EMC recommends all customers upgrade at the earliest opportunity.



Affected products:     
Dell EMC Data Protection Central versions 1.0.0, 1.0.1, 18.1, 18.2, 19.1, 19.2, and 19.3
Dell EMC IDPA System Manager version 18.1, 18.2, and 19.2
Dell EMC Integrated Data Protection Appliance (IDPA) version 2.6


Remediation:     
Dell EMC creates and distributes the Data Protection Central OS Update. These DPC OS Updates contain security patches from third party components for the Data Protection Central system. See Data Protection Central OS Update Release Notes for more information.

Apply the Data Protection Central OS Update to all Data Protection Central systems installed via DPC OVA deployment; DPC systems installed without use of the DPC OVA are not updated by the DPC OS Update procedure.

To upgrade your Dell EMC Data Protection Central system, see KB article 522157: Data Protection Central: How to Install the Data Protection Central OS Update for installation instructions.  (Only registered Dell Customers can access the content on the article link via Dell.com/support)

Dell EMC recommends all customers upgrade at the earliest opportunity.



Información relacionada

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Descargo de responsabilidad

Productos afectados

Data Protection Central

Productos

Data Protection Central, PowerProtect Data Protection Software, Integrated Data Protection Appliance Family, Integrated Data Protection Appliance Software, Product Security Information
Propiedades del artículo
Número del artículo: 000153600
Tipo de artículo: Dell Security Advisory
Última modificación: 19 sept. 2025
Encuentre respuestas a sus preguntas de otros usuarios de Dell
Servicios de soporte
Compruebe si el dispositivo está cubierto por los servicios de soporte.