DSA-2021-065: Dell PowerFlex rack Security Update for Multiple Third-Party Component Vulnerabilities
Resumo: Dell PowerFlex rack remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system.
Este artigo aplica-se a
Este artigo não se aplica a
Este artigo não está vinculado a nenhum produto específico.
Nem todas as versões do produto estão identificadas neste artigo.
Impacto
Critical
Dados
| Third-Party Component | CVE(s) | More information |
| vCenter Server | CVE-2021-21972 | https://www.vmware.com/security/advisories/VMSA-2021-0002.html |
| CVE-2021-21973 | ||
| VMware ESXi | CVE-2021-21974 | |
| Embedded OS | CVE-2020-14372 | Grub2 vulnerabilities: https://access.redhat.com/errata/RHSA-2021:0701?sc_cid=701600000006NHXAA2 |
| CVE-2020-25632 | ||
| CVE-2020-25647 | ||
| CVE-2020-27749 | ||
| CVE-2020-27779 | ||
| CVE-2021-20225 | ||
| CVE-2021-20233 | ||
| Cisco Nexus | CVE-2021-1361 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-3000-9000-fileaction-QtLzDRy2 |
| CVE-2020-1971 | https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvw93970 |
| Third-Party Component | CVE(s) | More information |
| vCenter Server | CVE-2021-21972 | https://www.vmware.com/security/advisories/VMSA-2021-0002.html |
| CVE-2021-21973 | ||
| VMware ESXi | CVE-2021-21974 | |
| Embedded OS | CVE-2020-14372 | Grub2 vulnerabilities: https://access.redhat.com/errata/RHSA-2021:0701?sc_cid=701600000006NHXAA2 |
| CVE-2020-25632 | ||
| CVE-2020-25647 | ||
| CVE-2020-27749 | ||
| CVE-2020-27779 | ||
| CVE-2021-20225 | ||
| CVE-2021-20233 | ||
| Cisco Nexus | CVE-2021-1361 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-3000-9000-fileaction-QtLzDRy2 |
| CVE-2020-1971 | https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvw93970 |
Produtos afetados e soluções
| CVEs | Product | Affected RCM Versions | Updated RCM Versions | Link to Update |
| CVE-2021-1361 | PowerFlex rack | Versions prior to 3.3.9.2 Versions prior to 3.4.4.2 Versions prior to 3.5.4.2 |
3.3.9.2 3.4.4.2 3.5.4.2 |
For RCM release information: https://cpsdocs.dellemc.com/rcm/#/home. For RCM download: https://vce.flexnetoperations.com/control/vcec/product?plneID=740417 |
| CVE-2020-1971 | PowerFlex rack | Versions prior to 3.3.9.2 | Upgrade to RCM versions below. | |
| Versions prior to 3.4.4.2 Versions prior to 3.5.4.2 |
3.4.4.2 3.5.4.2 |
For RCM release information: https://cpsdocs.dellemc.com/rcm/#/home. For RCM download: https://vce.flexnetoperations.com/control/vcec/product?plneID=740417 |
||
| CVE-2021-21972 | PowerFlex rack | Versions prior to 3.3.9.2 Versions prior to 3.4.4.2 Versions prior to 3.5.4.2 |
3.3.9.2 3.4.4.2 3.5.4.2 |
For RCM release information: https://cpsdocs.dellemc.com/rcm/#/home. For RCM download: https://vce.flexnetoperations.com/control/vcec/product?plneID=740417 |
| CVE-2021-21973 | ||||
| CVE-2021-21974 | ||||
| CVE-2020-14372 | ||||
| CVE-2020-25632 | ||||
| CVE-2020-25647 | ||||
| CVE-2020-27749 | ||||
| CVE-2020-27779 | ||||
| CVE-2021-20225 | ||||
| CVE-2021-20233 |
| CVEs | Product | Affected RCM Versions | Updated RCM Versions | Link to Update |
| CVE-2021-1361 | PowerFlex rack | Versions prior to 3.3.9.2 Versions prior to 3.4.4.2 Versions prior to 3.5.4.2 |
3.3.9.2 3.4.4.2 3.5.4.2 |
For RCM release information: https://cpsdocs.dellemc.com/rcm/#/home. For RCM download: https://vce.flexnetoperations.com/control/vcec/product?plneID=740417 |
| CVE-2020-1971 | PowerFlex rack | Versions prior to 3.3.9.2 | Upgrade to RCM versions below. | |
| Versions prior to 3.4.4.2 Versions prior to 3.5.4.2 |
3.4.4.2 3.5.4.2 |
For RCM release information: https://cpsdocs.dellemc.com/rcm/#/home. For RCM download: https://vce.flexnetoperations.com/control/vcec/product?plneID=740417 |
||
| CVE-2021-21972 | PowerFlex rack | Versions prior to 3.3.9.2 Versions prior to 3.4.4.2 Versions prior to 3.5.4.2 |
3.3.9.2 3.4.4.2 3.5.4.2 |
For RCM release information: https://cpsdocs.dellemc.com/rcm/#/home. For RCM download: https://vce.flexnetoperations.com/control/vcec/product?plneID=740417 |
| CVE-2021-21973 | ||||
| CVE-2021-21974 | ||||
| CVE-2020-14372 | ||||
| CVE-2020-25632 | ||||
| CVE-2020-25647 | ||||
| CVE-2020-27749 | ||||
| CVE-2020-27779 | ||||
| CVE-2021-20225 | ||||
| CVE-2021-20233 |
Histórico de revisão
| Revision | Date | Description |
| 1.0 | 2021-3-30 | Initial Release |
Informações relacionadas
Aviso de isenção legal
Produtos afetados
PowerFlex rack, Product Security InformationProdutos
PowerFlex SoftwarePropriedades do artigo
Número do artigo: 000184747
Tipo de artigo: Dell Security Advisory
Último modificado: 22 mai. 2021
Encontre as respostas de outros usuários da Dell para suas perguntas.
Serviços de suporte
Verifique se o dispositivo está coberto pelos serviços de suporte.