DSA-2019-061: Dell EMC Data Computing Appliance (DCA) Security Update for Multiple Vulnerabilities in Embedded Components

Cet article concerne Cet article ne concerne pas Cet article n’est associé à aucun produit spécifique. Toutes les versions du produit ne sont pas identifiées dans cet article.
Consulter d’autres ressources

Impact

Critical

Détails

Summary:     
Multiple components within Dell EMC DCA require a security update to address various vulnerabilities.

The embedded components are updated for the following vulnerabilities:     

  • Kernel

CVE-2018-10902

  • ntp

CVE-2018-12327

  • ghostscrip 

CVE-2018-16509

  • Polkit

CVE-2019-6133

  • openjdk

CVE-2018-11212    CVE-2019-2422    CVE-2019-2426    CVE-2019-2449
CVE-2019-2540

For more information about any of the Common Vulnerabilities and Exposures (CVEs) mentioned here, consult the National Vulnerability Database (NVD) at http://nvd.nist.gov/home.cfm

To search for a particular CVE, use the database s search utility at http://web.nvd.nist.gov/view/vuln/search.

The embedded components are updated for the following vulnerabilities:     

  • Kernel

CVE-2018-10902

  • ntp

CVE-2018-12327

  • ghostscrip 

CVE-2018-16509

  • Polkit

CVE-2019-6133

  • openjdk

CVE-2018-11212    CVE-2019-2422    CVE-2019-2426    CVE-2019-2449
CVE-2019-2540

For more information about any of the Common Vulnerabilities and Exposures (CVEs) mentioned here, consult the National Vulnerability Database (NVD) at http://nvd.nist.gov/home.cfm

To search for a particular CVE, use the database s search utility at http://web.nvd.nist.gov/view/vuln/search.

Dell Technologies recommande à tous les clients de prendre en compte à la fois le score de base CVSS et les scores temporels et environnementaux pertinents qui peuvent avoir un impact sur la gravité potentielle associée à une faille de sécurité donnée.

Produits concernés et mesure corrective

Affected products:     
Dell EMC Data Computing Appliance (DCA) versions prior to 3.5.3.0


Remediation:     
The following Dell EMC DCA release addresses these vulnerabilities:

  • Dell EMC DCA 3.5.3.0

For Dell EMC DCA version 3.5.3.0 and later, the security update is contained in the release 3.5.3.0.

Dell EMC recommends all customers upgrade at the earliest opportunity. Contact Dell EMC DCA customer support to download the required rpm file and install it.


Link to Remedies:     
Only authorized Dell EMC Customer Support personnel can download Dell EMC DCA software version 3.5.3.0 from Dell EMC Online Support. Customers must call Dell EMC Support to schedule an upgrade to DCA version 3.5.3.0.



Affected products:     
Dell EMC Data Computing Appliance (DCA) versions prior to 3.5.3.0


Remediation:     
The following Dell EMC DCA release addresses these vulnerabilities:

  • Dell EMC DCA 3.5.3.0

For Dell EMC DCA version 3.5.3.0 and later, the security update is contained in the release 3.5.3.0.

Dell EMC recommends all customers upgrade at the earliest opportunity. Contact Dell EMC DCA customer support to download the required rpm file and install it.


Link to Remedies:     
Only authorized Dell EMC Customer Support personnel can download Dell EMC DCA software version 3.5.3.0 from Dell EMC Online Support. Customers must call Dell EMC Support to schedule an upgrade to DCA version 3.5.3.0.



Informations connexes

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Mention légale

Produits concernés

Data Computing Appliance V3

Produits

Data Computing Appliance V3, Product Security Information
Propriétés de l’article
Numéro d’article: 000001829
Type d’article: Dell Security Advisory
Dernière modification: 20 sept. 2024
Trouvez des réponses à vos questions auprès d’autres utilisateurs Dell
Services de support
Vérifiez si votre appareil est couvert par les services de support.