DSA-2021-094: Dell ECS Security Update for Multiple Third-Party Component Vulnerabilities
Riepilogo: Dell ECS remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system.
Questo articolo si applica a
Questo articolo non si applica a
Questo articolo non è legato a un prodotto specifico.
Non tutte le versioni del prodotto sono identificate in questo articolo.
Impatto
Medium
Dettagli
Third-Party Component |
CVEs | More information |
| OpenSSL | CVE-2020-1971 | NVD - CVE-2020-1971 |
| Dell iDRAC9 | CVE-2021-21539 | |
| CVE-2021-21540 | ||
| CVE-2021-21541 | ||
| CVE-2021-21542 | ||
| CVE-2021-21543 | ||
| CVE-2021-21544 |
Third-Party Component |
CVEs | More information |
| OpenSSL | CVE-2020-1971 | NVD - CVE-2020-1971 |
| Dell iDRAC9 | CVE-2021-21539 | |
| CVE-2021-21540 | ||
| CVE-2021-21541 | ||
| CVE-2021-21542 | ||
| CVE-2021-21543 | ||
| CVE-2021-21544 |
Prodotti interessati e correzione
| CVEs Addressed | Product | Affected Versions | Updated Versions | Link to Update |
| CVE-2020-1971 | Dell ECS | Versions prior to 3.6.1.1 | 3.6.1.1 | Link to update |
| CVE-2021-21539 | Dell ECS Appliance Hardware Gen3 EX300 ECS Appliance Hardware Gen3 EX500 iDRAC9 firmware |
Versions prior to 4.40.00.00 | 4.40.00.00 or later | Link to update |
| CVE-2021-21540 | ||||
| CVE-2021-21541 | ||||
| CVE-2021-21543 | ||||
| CVE-2021-21544 | ||||
| CVE-2021-21542 | Dell ECS Appliance Hardware Gen3 EX300 Dell ECS Appliance Hardware Gen3 EX500 Dell ECS Appliance Hardware Gen3 EXF900 iDRAC9 firmware |
Versions prior to 4.40.10.00 | 4.40.10.00 | Link to update |
NOTE:
Customers should open an “Operating Environment Upgrade” Service Request with the ECS Remote Proactive team and reference this DSA number along with the desired remediation action from the below:
- Customers below 3.6.1.1:
- Upgrade to ECS 3.6.1.1
- Apply iDRAC 4.40.10.00 Firmware Upgrade (Gen3 EX300/EX500/EXF900 HW Only)
- Customers on 3.6.1.1:
- Apply iDRAC 4.40.10.00 Firmware Upgrade (Gen3 Ex300/EX500/EXF900 HW Only)
| CVEs Addressed | Product | Affected Versions | Updated Versions | Link to Update |
| CVE-2020-1971 | Dell ECS | Versions prior to 3.6.1.1 | 3.6.1.1 | Link to update |
| CVE-2021-21539 | Dell ECS Appliance Hardware Gen3 EX300 ECS Appliance Hardware Gen3 EX500 iDRAC9 firmware |
Versions prior to 4.40.00.00 | 4.40.00.00 or later | Link to update |
| CVE-2021-21540 | ||||
| CVE-2021-21541 | ||||
| CVE-2021-21543 | ||||
| CVE-2021-21544 | ||||
| CVE-2021-21542 | Dell ECS Appliance Hardware Gen3 EX300 Dell ECS Appliance Hardware Gen3 EX500 Dell ECS Appliance Hardware Gen3 EXF900 iDRAC9 firmware |
Versions prior to 4.40.10.00 | 4.40.10.00 | Link to update |
NOTE:
Customers should open an “Operating Environment Upgrade” Service Request with the ECS Remote Proactive team and reference this DSA number along with the desired remediation action from the below:
- Customers below 3.6.1.1:
- Upgrade to ECS 3.6.1.1
- Apply iDRAC 4.40.10.00 Firmware Upgrade (Gen3 EX300/EX500/EXF900 HW Only)
- Customers on 3.6.1.1:
- Apply iDRAC 4.40.10.00 Firmware Upgrade (Gen3 Ex300/EX500/EXF900 HW Only)
Cronologia delle revisioni
| Revision | Date | Description |
| 1.0 | 2021-06-08 | Initial Release |
Ringraziamenti
Dell Technologies would like to thank Fabian Bräunlein and Tomasz Holeksa for reporting this issue.
Informazioni correlate
Dichiarazione di non responsabilità
Prodotti interessati
ECS Appliance Hardware Gen3 EX300, ECS Appliance Hardware Gen3 EX500, ECS Appliance Hardware Gen3 EXF900, Product Security InformationProprietà dell'articolo
Numero articolo: 000188058
Tipo di articolo: Dell Security Advisory
Ultima modifica: 18 set 2025
Trova risposta alle tue domande dagli altri utenti Dell
Support Services
Verifica che il dispositivo sia coperto dai Servizi di supporto.