DSA-2021-065: Dell PowerFlex rack Security Update for Multiple Third-Party Component Vulnerabilities

Yhteenveto: Dell PowerFlex rack remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system.

Tämä artikkeli koskee tuotetta Tämä artikkeli ei koske tuotetta Tämä artikkeli ei liity tiettyyn tuotteeseen. Tässä artikkelissa ei yksilöidä kaikkia tuoteversioita.
Tutustu muihin resursseihin

Vaikutus

Critical

Tiedot

Third-Party Component CVE(s) More information
vCenter Server CVE-2021-21972 https://www.vmware.com/security/advisories/VMSA-2021-0002.html
CVE-2021-21973
VMware ESXi CVE-2021-21974
Embedded OS CVE-2020-14372 Grub2 vulnerabilities:
https://access.redhat.com/errata/RHSA-2021:0701?sc_cid=701600000006NHXAA2
 
CVE-2020-25632
CVE-2020-25647
CVE-2020-27749
CVE-2020-27779
CVE-2021-20225
CVE-2021-20233
Cisco Nexus CVE-2021-1361 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-3000-9000-fileaction-QtLzDRy2
CVE-2020-1971 https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvw93970
Third-Party Component CVE(s) More information
vCenter Server CVE-2021-21972 https://www.vmware.com/security/advisories/VMSA-2021-0002.html
CVE-2021-21973
VMware ESXi CVE-2021-21974
Embedded OS CVE-2020-14372 Grub2 vulnerabilities:
https://access.redhat.com/errata/RHSA-2021:0701?sc_cid=701600000006NHXAA2
 
CVE-2020-25632
CVE-2020-25647
CVE-2020-27749
CVE-2020-27779
CVE-2021-20225
CVE-2021-20233
Cisco Nexus CVE-2021-1361 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-3000-9000-fileaction-QtLzDRy2
CVE-2020-1971 https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvw93970
Dell Technologies suosittelee, että kaikki asiakkaat ottavat huomioon sekä CVSS-peruspistemäärän että kaikki asiaankuuluvat väliaikaiset ja ympäristöön liittyvät pisteet, jotka voivat vaikuttaa tietyn tietoturvahaavoittuvuuden mahdolliseen vakavuuteen.

Tuotteet, joihin asia vaikuttaa, ja tilanteen korjaaminen

CVEs Product Affected RCM Versions Updated RCM Versions Link to Update
CVE-2021-1361 PowerFlex rack Versions prior to 3.3.9.2

Versions prior to 3.4.4.2

Versions prior to 3.5.4.2
3.3.9.2




3.4.4.2



3.5.4.2
 		 For RCM release information: https://cpsdocs.dellemc.com/rcm/#/home.

For RCM download: https://vce.flexnetoperations.com/control/vcec/product?plneID=740417
CVE-2020-1971 PowerFlex rack Versions prior to 3.3.9.2 Upgrade to RCM versions below.  
Versions prior to 3.4.4.2

Versions prior to 3.5.4.2
 		 3.4.4.2



3.5.4.2
 		 For RCM release information: https://cpsdocs.dellemc.com/rcm/#/home.

For RCM download: https://vce.flexnetoperations.com/control/vcec/product?plneID=740417
CVE-2021-21972 PowerFlex rack Versions prior to 3.3.9.2

Versions prior to 3.4.4.2

Versions prior to 3.5.4.2		 3.3.9.2




3.4.4.2



3.5.4.2		 For RCM release information: https://cpsdocs.dellemc.com/rcm/#/home.

For RCM download: https://vce.flexnetoperations.com/control/vcec/product?plneID=740417
CVE-2021-21973
CVE-2021-21974
CVE-2020-14372
CVE-2020-25632
CVE-2020-25647
CVE-2020-27749
CVE-2020-27779
CVE-2021-20225
CVE-2021-20233
CVEs Product Affected RCM Versions Updated RCM Versions Link to Update
CVE-2021-1361 PowerFlex rack Versions prior to 3.3.9.2

Versions prior to 3.4.4.2

Versions prior to 3.5.4.2
3.3.9.2




3.4.4.2



3.5.4.2
 		 For RCM release information: https://cpsdocs.dellemc.com/rcm/#/home.

For RCM download: https://vce.flexnetoperations.com/control/vcec/product?plneID=740417
CVE-2020-1971 PowerFlex rack Versions prior to 3.3.9.2 Upgrade to RCM versions below.  
Versions prior to 3.4.4.2

Versions prior to 3.5.4.2
 		 3.4.4.2



3.5.4.2
 		 For RCM release information: https://cpsdocs.dellemc.com/rcm/#/home.

For RCM download: https://vce.flexnetoperations.com/control/vcec/product?plneID=740417
CVE-2021-21972 PowerFlex rack Versions prior to 3.3.9.2

Versions prior to 3.4.4.2

Versions prior to 3.5.4.2		 3.3.9.2




3.4.4.2



3.5.4.2		 For RCM release information: https://cpsdocs.dellemc.com/rcm/#/home.

For RCM download: https://vce.flexnetoperations.com/control/vcec/product?plneID=740417
CVE-2021-21973
CVE-2021-21974
CVE-2020-14372
CVE-2020-25632
CVE-2020-25647
CVE-2020-27749
CVE-2020-27779
CVE-2021-20225
CVE-2021-20233

Versiohistoria

RevisionDateDescription
1.02021-3-30Initial Release

Asiaan liittyvät tiedot

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Vastuuvapauslauseke

Tuotteet, joihin vaikutus kohdistuu

PowerFlex rack, Product Security Information

Tuotteet

PowerFlex Software
Artikkelin ominaisuudet
Artikkelin numero: 000184747
Artikkelin tyyppi: Dell Security Advisory
Viimeksi muutettu: 22 toukok. 2021
Etsi vastauksia kysymyksiisi muilta Dell-käyttäjiltä
Tukipalvelut
Tarkista, kuuluuko laitteesi tukipalveluiden piiriin.