DSA-2019-132: Dell EMC Connectrix Security Update for Multiple Security Vulnerabilities

• CVE-2018-6443

For more information, see https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2018-743

• CVE-2018-6446

For more information, see https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2018-841

For more information about any of the Common Vulnerabilities and Exposures (CVEs) mentioned here, consult the National Vulnerability Database (NVD) at http://nvd.nist.gov/home.cfm.  

To search for a particular CVE, use the database s search utility at http://web.nvd.nist.gov/view/vuln/search.

Affected products:     

• For CVE-2018-6443: Dell EMC Connectrix Manager Converged Network Edition (CMCNE), all versions

• For CVE-2018-6446: Dell EMC Connectrix Manager Converged Network Edition (CMCNE), versions prior to 14.3.1

Remediation:      
For CVE-2018-6446, the following Dell EMC Connectrix release addresses this vulnerability:      

• Dell EMC Connectrix Manager Converged Network Edition (CMCNE) version 14.3.1 and later

Customers can download software from Dell EMC Online Support at https://support.emc.com/products/23304?siteLocale=en_US

For CVE-2018-6443, customers can refer to the solution in Broadcom advisory: https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2018-743