DSA-2021-065: Dell PowerFlex rack Security Update for Multiple Third-Party Component Vulnerabilities
摘要: Dell PowerFlex rack remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system.
本文章適用於
本文章不適用於
本文無關於任何特定產品。
本文未識別所有產品版本。
影響
Critical
詳細資料
| Third-Party Component | CVE(s) | More information |
| vCenter Server | CVE-2021-21972 | https://www.vmware.com/security/advisories/VMSA-2021-0002.html |
| CVE-2021-21973 | ||
| VMware ESXi | CVE-2021-21974 | |
| Embedded OS | CVE-2020-14372 | Grub2 vulnerabilities: https://access.redhat.com/errata/RHSA-2021:0701?sc_cid=701600000006NHXAA2 |
| CVE-2020-25632 | ||
| CVE-2020-25647 | ||
| CVE-2020-27749 | ||
| CVE-2020-27779 | ||
| CVE-2021-20225 | ||
| CVE-2021-20233 | ||
| Cisco Nexus | CVE-2021-1361 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-3000-9000-fileaction-QtLzDRy2 |
| CVE-2020-1971 | https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvw93970 |
| Third-Party Component | CVE(s) | More information |
| vCenter Server | CVE-2021-21972 | https://www.vmware.com/security/advisories/VMSA-2021-0002.html |
| CVE-2021-21973 | ||
| VMware ESXi | CVE-2021-21974 | |
| Embedded OS | CVE-2020-14372 | Grub2 vulnerabilities: https://access.redhat.com/errata/RHSA-2021:0701?sc_cid=701600000006NHXAA2 |
| CVE-2020-25632 | ||
| CVE-2020-25647 | ||
| CVE-2020-27749 | ||
| CVE-2020-27779 | ||
| CVE-2021-20225 | ||
| CVE-2021-20233 | ||
| Cisco Nexus | CVE-2021-1361 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-3000-9000-fileaction-QtLzDRy2 |
| CVE-2020-1971 | https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvw93970 |
受影響的產品與補救措施
| CVEs | Product | Affected RCM Versions | Updated RCM Versions | Link to Update |
| CVE-2021-1361 | PowerFlex rack | Versions prior to 3.3.9.2 Versions prior to 3.4.4.2 Versions prior to 3.5.4.2 |
3.3.9.2 3.4.4.2 3.5.4.2 |
For RCM release information: https://cpsdocs.dellemc.com/rcm/#/home. For RCM download: https://vce.flexnetoperations.com/control/vcec/product?plneID=740417 |
| CVE-2020-1971 | PowerFlex rack | Versions prior to 3.3.9.2 | Upgrade to RCM versions below. | |
| Versions prior to 3.4.4.2 Versions prior to 3.5.4.2 |
3.4.4.2 3.5.4.2 |
For RCM release information: https://cpsdocs.dellemc.com/rcm/#/home. For RCM download: https://vce.flexnetoperations.com/control/vcec/product?plneID=740417 |
||
| CVE-2021-21972 | PowerFlex rack | Versions prior to 3.3.9.2 Versions prior to 3.4.4.2 Versions prior to 3.5.4.2 |
3.3.9.2 3.4.4.2 3.5.4.2 |
For RCM release information: https://cpsdocs.dellemc.com/rcm/#/home. For RCM download: https://vce.flexnetoperations.com/control/vcec/product?plneID=740417 |
| CVE-2021-21973 | ||||
| CVE-2021-21974 | ||||
| CVE-2020-14372 | ||||
| CVE-2020-25632 | ||||
| CVE-2020-25647 | ||||
| CVE-2020-27749 | ||||
| CVE-2020-27779 | ||||
| CVE-2021-20225 | ||||
| CVE-2021-20233 |
| CVEs | Product | Affected RCM Versions | Updated RCM Versions | Link to Update |
| CVE-2021-1361 | PowerFlex rack | Versions prior to 3.3.9.2 Versions prior to 3.4.4.2 Versions prior to 3.5.4.2 |
3.3.9.2 3.4.4.2 3.5.4.2 |
For RCM release information: https://cpsdocs.dellemc.com/rcm/#/home. For RCM download: https://vce.flexnetoperations.com/control/vcec/product?plneID=740417 |
| CVE-2020-1971 | PowerFlex rack | Versions prior to 3.3.9.2 | Upgrade to RCM versions below. | |
| Versions prior to 3.4.4.2 Versions prior to 3.5.4.2 |
3.4.4.2 3.5.4.2 |
For RCM release information: https://cpsdocs.dellemc.com/rcm/#/home. For RCM download: https://vce.flexnetoperations.com/control/vcec/product?plneID=740417 |
||
| CVE-2021-21972 | PowerFlex rack | Versions prior to 3.3.9.2 Versions prior to 3.4.4.2 Versions prior to 3.5.4.2 |
3.3.9.2 3.4.4.2 3.5.4.2 |
For RCM release information: https://cpsdocs.dellemc.com/rcm/#/home. For RCM download: https://vce.flexnetoperations.com/control/vcec/product?plneID=740417 |
| CVE-2021-21973 | ||||
| CVE-2021-21974 | ||||
| CVE-2020-14372 | ||||
| CVE-2020-25632 | ||||
| CVE-2020-25647 | ||||
| CVE-2020-27749 | ||||
| CVE-2020-27779 | ||||
| CVE-2021-20225 | ||||
| CVE-2021-20233 |
修訂歷史記錄
| Revision | Date | Description |
| 1.0 | 2021-3-30 | Initial Release |
相關資訊
法律免責聲明
受影響的產品
PowerFlex rack, Product Security Information產品
PowerFlex Software文章屬性
文章編號: 000184747
文章類型: Dell Security Advisory
上次修改時間: 22 5月 2021
向其他 Dell 使用者尋求您問題的答案
支援服務
檢查您的裝置是否在支援服務的涵蓋範圍內。