DSA-2021-021 Dell EMC Integrated Data Protection Appliance Security Update for ACM, DP Advisor, vSphere, and BIOS component vulnerabilities

Resumen: Dell EMC Integrated Data Protection Appliance 2.6.1 contains remediation for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system. ...

Este artículo se aplica a Este artículo no se aplica a Este artículo no está vinculado a ningún producto específico. No se identifican todas las versiones del producto en este artículo.
Consulte estos recursos

Impacto

Critical

Detalles

Third-Party Component
 		 CVE(s)  More information
vSphere 6.7 CVE-2020-3960 https://www.vmware.com/security/advisories/VMSA-2020-0012.html
https://www.vmware.com/security/advisories/VMSA-2020-0018.html
https://www.vmware.com/security/advisories/VMSA-2020-0023.html
https://www.vmware.com/security/advisories/VMSA-2020-0026.html
CVE-2020-3976
CVE-2020-3981
CVE-2020-3982
CVE-2020-3992
CVE-2020-3993
CVE-2020-3994
CVE-2020-3995
CVE-2020-4004
CVE-2020-4005
iDRAC9 CVE-2020-5366 https://www.dell.com/support/kbdoc/en-in/000177335/dsa-2020-128-idrac-local-file-inclusion-vulnerability
Data Protection Advisor CVE-2020-10745
 		 See NVD (http://nvd.nist.gov/) for individual scores for each CVE
CVE-2020-10713
 
CVE-2017-12627
Appliance Configuration Manager CVE-2020-10713  See NVD (http://nvd.nist.gov/) for individual scores for each CVE
https://www.oracle.com/security-alerts/cpuoct2020.html#AppendixJAVA
CVE-2020-1971
CVE-2020-14792
CVE-2020-14781
CVE-2020-14782
CVE-2020-14797
CVE-2020-14779
CVE-2020-14796
CVE-2020-14798
Intel® SGX and Intel® TXT CVE-2020-0545 Intel-SA-00329
Intel-SA-00300
Intel-SA-00306
Intel-SA-00308
Intel-SA-00314
Intel-SA-00332



 
CVE-2020-0548
CVE-2019-14600
CVE-2019-14596
CVE-2019-14601
CVE-2019-14615
CVE-2019-14629
VMware vCenter CVE-2021-21972  
CVE-2021-21973
Third-Party Component
 		 CVE(s)  More information
vSphere 6.7 CVE-2020-3960 https://www.vmware.com/security/advisories/VMSA-2020-0012.html
https://www.vmware.com/security/advisories/VMSA-2020-0018.html
https://www.vmware.com/security/advisories/VMSA-2020-0023.html
https://www.vmware.com/security/advisories/VMSA-2020-0026.html
CVE-2020-3976
CVE-2020-3981
CVE-2020-3982
CVE-2020-3992
CVE-2020-3993
CVE-2020-3994
CVE-2020-3995
CVE-2020-4004
CVE-2020-4005
iDRAC9 CVE-2020-5366 https://www.dell.com/support/kbdoc/en-in/000177335/dsa-2020-128-idrac-local-file-inclusion-vulnerability
Data Protection Advisor CVE-2020-10745
 		 See NVD (http://nvd.nist.gov/) for individual scores for each CVE
CVE-2020-10713
 
CVE-2017-12627
Appliance Configuration Manager CVE-2020-10713  See NVD (http://nvd.nist.gov/) for individual scores for each CVE
https://www.oracle.com/security-alerts/cpuoct2020.html#AppendixJAVA
CVE-2020-1971
CVE-2020-14792
CVE-2020-14781
CVE-2020-14782
CVE-2020-14797
CVE-2020-14779
CVE-2020-14796
CVE-2020-14798
Intel® SGX and Intel® TXT CVE-2020-0545 Intel-SA-00329
Intel-SA-00300
Intel-SA-00306
Intel-SA-00308
Intel-SA-00314
Intel-SA-00332



 
CVE-2020-0548
CVE-2019-14600
CVE-2019-14596
CVE-2019-14601
CVE-2019-14615
CVE-2019-14629
VMware vCenter CVE-2021-21972  
CVE-2021-21973
Dell Technologies recomienda que todos los clientes tengan en cuenta tanto la puntuación base como cualquier otra puntuación ambiental y temporal relevante que pueda afectar la posible gravedad asociada con la vulnerabilidad de seguridad en particular.

Corrección y productos afectados

Product Affected Version(s) Updated Version(s) Link to Update  
Dell EMC Integrated Data Protection Appliance Versions prior to 2.6.1 2.6.1 IDPA 4x appliances: https://dl.dell.com/downloads/DL102500_IDPA-PowerProtect-DP-Series-2.6.1-Upgrade-for-IDPA-DP-4400-Appliances.tar.gz 
IDPA 5x and 8x appliances: https://dl.dell.com/downloads/DL102499_IDPA-PowerProtect-DP-Series-2.6.1-Upgrade-for-IDPA-DP-5xxx-8xxx-Appliances.tar.gz		  
 
 

Note: IDPA 2.6.1 patch is supported only on IDPA 2.6.

Dell EMC recommends all customers upgrade at the earliest opportunity. Firmware (BIOS, iDRAC9) fixes are applied by support. Contact Dell EMC Integrated Data Protection Appliance customer support to download the required upgrade file and install it.
Product Affected Version(s) Updated Version(s) Link to Update  
Dell EMC Integrated Data Protection Appliance Versions prior to 2.6.1 2.6.1 IDPA 4x appliances: https://dl.dell.com/downloads/DL102500_IDPA-PowerProtect-DP-Series-2.6.1-Upgrade-for-IDPA-DP-4400-Appliances.tar.gz 
IDPA 5x and 8x appliances: https://dl.dell.com/downloads/DL102499_IDPA-PowerProtect-DP-Series-2.6.1-Upgrade-for-IDPA-DP-5xxx-8xxx-Appliances.tar.gz		  
 
 

Note: IDPA 2.6.1 patch is supported only on IDPA 2.6.

Dell EMC recommends all customers upgrade at the earliest opportunity. Firmware (BIOS, iDRAC9) fixes are applied by support. Contact Dell EMC Integrated Data Protection Appliance customer support to download the required upgrade file and install it.

Soluciones alternativas y mitigaciones

None

Historial de revisiones

RevisionDateDescription
1.002-04-2021Initial Release

 

Información relacionada

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Descargo de responsabilidad

Productos afectados

PowerProtect Data Protection Appliance, PowerProtect Data Protection Software, Integrated Data Protection Appliance Family, PowerProtect Data Protection Hardware, Product Security Information
Propiedades del artículo
Número del artículo: 000182743
Tipo de artículo: Dell Security Advisory
Última modificación: 22 may. 2021
Encuentre respuestas a sus preguntas de otros usuarios de Dell
Servicios de soporte
Compruebe si el dispositivo está cubierto por los servicios de soporte.