Данная статья применяется к Данная статья не применяется к Эта статья не привязана к какому-либо конкретному продукту. В этой статье указаны не все версии продуктов.
Ознакомьтесь с другими ресурсами

Влияние

Critical

Подробные сведения

Summary:   
Multiple components within Dell EMC DCA require a security update to address various vulnerabilities. 

The components are updated for the following vulnerabilities:   

  • Kernel

CVE-2017-17805    CVE-2018-17972    CVE-2019-1125    CVE-2019-5489

  • bind

CVE-2018-5743

  • vim

CVE-2019-12735

  • libssh2

CVE-2019-3855    CVE-2019-3856    CVE-2019-3857    CVE-2019-3863

  • OpenJDK

CVE-2019-2745    CVE-2019-2762    CVE-2019-2769    CVE-2019-2786
CVE-2019-2816    CVE-2019-2842                                                

  • OpenSSH

CVE-2018-15473

  • Python

CVE-2019-9636

  • OpenSSL

CVE-2019-1559

For more information about any of the Common Vulnerabilities and Exposures (CVEs) mentioned here, consult the National Vulnerability Database (NVD) at http://nvd.nist.gov/home.cfm.

To search for a particular CVE, use the database s search utility at http://web.nvd.nist.gov/view/vuln/search.

The components are updated for the following vulnerabilities:   

  • Kernel

CVE-2017-17805    CVE-2018-17972    CVE-2019-1125    CVE-2019-5489

  • bind

CVE-2018-5743

  • vim

CVE-2019-12735

  • libssh2

CVE-2019-3855    CVE-2019-3856    CVE-2019-3857    CVE-2019-3863

  • OpenJDK

CVE-2019-2745    CVE-2019-2762    CVE-2019-2769    CVE-2019-2786
CVE-2019-2816    CVE-2019-2842                                                

  • OpenSSH

CVE-2018-15473

  • Python

CVE-2019-9636

  • OpenSSL

CVE-2019-1559

For more information about any of the Common Vulnerabilities and Exposures (CVEs) mentioned here, consult the National Vulnerability Database (NVD) at http://nvd.nist.gov/home.cfm.

To search for a particular CVE, use the database s search utility at http://web.nvd.nist.gov/view/vuln/search.

Dell рекомендует всем клиентам учитывать как базовую оценку CVSS, так и любые временные и обусловленные средой оценки, которые могут повлиять на потенциальную степень серьезности конкретной уязвимости.

Затронутые продукты и исправление

Affected products:     
Dell EMC Data Computing Appliance (DCA) software versions prior to 3.5.4.0


Remediation:     
The following Dell EMC DCA release addresses these vulnerabilities:     

  • Dell EMC DCA 3.5.4.0

For Dell EMC DCA software version 3.3.0.0, 3.4.0.0, 3.4.1.0, 3.4.2.0, 3.5.0.0, 3.5.1.0, 3.5.2.0, and 3.5.3.0, the security update is contained in release 3.5.4.0.

To upgrade an earlier DCA version, you must upgrade to version 3.3.0.0 and then to version 3.5.4.0.

Dell EMC recommends all customers upgrade at the earliest opportunity. Contact Dell EMC DCA customer support to download the required rpm file and install it.



Affected products:     
Dell EMC Data Computing Appliance (DCA) software versions prior to 3.5.4.0


Remediation:     
The following Dell EMC DCA release addresses these vulnerabilities:     

  • Dell EMC DCA 3.5.4.0

For Dell EMC DCA software version 3.3.0.0, 3.4.0.0, 3.4.1.0, 3.4.2.0, 3.5.0.0, 3.5.1.0, 3.5.2.0, and 3.5.3.0, the security update is contained in release 3.5.4.0.

To upgrade an earlier DCA version, you must upgrade to version 3.3.0.0 and then to version 3.5.4.0.

Dell EMC recommends all customers upgrade at the earliest opportunity. Contact Dell EMC DCA customer support to download the required rpm file and install it.



Связанная информация

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Правовая оговорка

Затронутые продукты

Data Computing Appliance V3

Продукты

Data Computing Appliance V3, Product Security Information
Свойства статьи
Номер статьи: 000001849
Тип статьи: Dell Security Advisory
Последнее изменение: 20 Sep 2024
Получите ответы на свои вопросы от других пользователей Dell
Услуги технической поддержки
Проверьте, распространяются ли на ваше устройство услуги технической поддержки.