DSA-2020-216: PowerFlex Rack Security Update for Multiple Third-Party Component Vulnerabilities
Summary: DSA-2020-216: PowerFlex Rack Security Update for Multiple Third-Party Component Vulnerabilities
Bu makale şunlar için geçerlidir:
Bu makale şunlar için geçerli değildir:
Bu makale, belirli bir ürüne bağlı değildir.
Bu makalede tüm ürün sürümleri tanımlanmamıştır.
Impact
High
Details
Summary:
Multiple components within Dell EMC PowerFlex Rack require a security update to address various vulnerabilities.
| Third-party Component | CVE(s) | More information |
| iDRAC version 4.20.20.20 | CVE-2020-5366 | See NVD (http://nvd.nist.gov/) for individual scores for each CVE |
| VMware ESXi 6.5 EP 20 16389870 (Build 16389870) and ESXi 6.7 EP 15 Build Number 16316930 | CVE-2020-3967 | VMSA-2020-0011 VMSA-2020-0012 VMSA-2020-0014 |
| CVE-2020-3968 | ||
| CVE-2020-3966 | ||
| CVE-2020-3965 | ||
| CVE-2020-3963 | ||
| CVE-2020-3964 | ||
| CVE-2020-3960 | ||
| CVE-2020-3959 | ||
| GRUB Bootloader Vulnerability | CVE-2020-10713 | See NVD (http://nvd.nist.gov/) for individual scores for each CVE |
| Third-party Component | CVE(s) | More information |
| iDRAC version 4.20.20.20 | CVE-2020-5366 | See NVD (http://nvd.nist.gov/) for individual scores for each CVE |
| VMware ESXi 6.5 EP 20 16389870 (Build 16389870) and ESXi 6.7 EP 15 Build Number 16316930 | CVE-2020-3967 | VMSA-2020-0011 VMSA-2020-0012 VMSA-2020-0014 |
| CVE-2020-3968 | ||
| CVE-2020-3966 | ||
| CVE-2020-3965 | ||
| CVE-2020-3963 | ||
| CVE-2020-3964 | ||
| CVE-2020-3960 | ||
| CVE-2020-3959 | ||
| GRUB Bootloader Vulnerability | CVE-2020-10713 | See NVD (http://nvd.nist.gov/) for individual scores for each CVE |
Etkilenen Ürünler ve Düzeltme
Affected Products:
Dell EMC PowerFlex Rack versions prior to 3.3.8.1
Dell EMC PowerFlex Rack versions prior to 3.4.3.1
Dell EMC PowerFlex Rack versions prior to 3.5.3.1
Resolution:
The following Dell EMC PowerFlex Rack releases contain a resolution to these vulnerabilities:
Dell EMC recommends all customers upgrade at the earliest opportunity.
For RCM release information: https://cpsdocs.dellemc.com/rcm/#/home.
For RCM download: https://vce.flexnetoperations.com/control/vcec/product?plneID=740417
Dell EMC PowerFlex Rack versions prior to 3.3.8.1
Dell EMC PowerFlex Rack versions prior to 3.4.3.1
Dell EMC PowerFlex Rack versions prior to 3.5.3.1
Resolution:
The following Dell EMC PowerFlex Rack releases contain a resolution to these vulnerabilities:
- Dell EMC PowerFlex Rack version 3.3.8.1
- Dell EMC PowerFlex Rack version 3.4.3.1
- Dell EMC PowerFlex Rack version 3.5.3.1
Dell EMC recommends all customers upgrade at the earliest opportunity.
For RCM release information: https://cpsdocs.dellemc.com/rcm/#/home.
For RCM download: https://vce.flexnetoperations.com/control/vcec/product?plneID=740417
Affected Products:
Dell EMC PowerFlex Rack versions prior to 3.3.8.1
Dell EMC PowerFlex Rack versions prior to 3.4.3.1
Dell EMC PowerFlex Rack versions prior to 3.5.3.1
Resolution:
The following Dell EMC PowerFlex Rack releases contain a resolution to these vulnerabilities:
Dell EMC recommends all customers upgrade at the earliest opportunity.
For RCM release information: https://cpsdocs.dellemc.com/rcm/#/home.
For RCM download: https://vce.flexnetoperations.com/control/vcec/product?plneID=740417
Dell EMC PowerFlex Rack versions prior to 3.3.8.1
Dell EMC PowerFlex Rack versions prior to 3.4.3.1
Dell EMC PowerFlex Rack versions prior to 3.5.3.1
Resolution:
The following Dell EMC PowerFlex Rack releases contain a resolution to these vulnerabilities:
- Dell EMC PowerFlex Rack version 3.3.8.1
- Dell EMC PowerFlex Rack version 3.4.3.1
- Dell EMC PowerFlex Rack version 3.5.3.1
Dell EMC recommends all customers upgrade at the earliest opportunity.
For RCM release information: https://cpsdocs.dellemc.com/rcm/#/home.
For RCM download: https://vce.flexnetoperations.com/control/vcec/product?plneID=740417
Related Information
Yasal Uyarı
Etkilenen Ürünler
VxFlex Product FamilyÜrünler
Product Security Information, VxFlex Product FamilyMakale Özellikleri
Article Number: 000001679
Article Type: Dell Security Advisory
Son Değiştirme: 10 Nis 2021
Sorularınıza diğer Dell kullanıcılarından yanıtlar bulun
Destek Hizmetleri
Aygıtınızın Destek Hizmetleri kapsamında olup olmadığını kontrol edin.