DSA-2019-080: Dell SupportAssist Enterprise Security Update for Eclipse Jetty Server Vulnerability

The Eclipse Jetty Server component in Dell SupportAssist Enterprise has been updated for the following vulnerability:

• CVE-2017-7658

For more information about any of the Common Vulnerabilities and Exposures (CVEs) mentioned here, consult the National Vulnerability Database (NVD) at http://nvd.nist.gov/home.cfm. To search for a particular CVE, use the database’s search utility at http://web.nvd.nist.gov/view/vuln/search.

Affected Products:
Dell SupportAssist Enterprise version 2.0.20 and prior versions

Remediation:

The following Dell SupportAssist Enterprise release contains a resolution to this vulnerability:

• Dell SupportAssist Enterprise version 2.0.21

Dell Technologies recommends all customers update at the earliest opportunity.

Method 1: Auto Update

Dell SupportAssist Enterprise automatically upgrades to the latest version available, if automatic updates are enabled.

Method 2: Manual Update

To update manually, download and install the latest product version for:

SupportAssist Enterprise Windows management server 

SupportAssist Enterprise Linux management server

Go to Dell Drivers & Downloads for updates on the applicable products.

Customers may use one of the Dell Notification Solutions to be notified and download driver, BIOS, and firmware updates automatically once available.