The official site for Saudi CERT
DELL EMC Updates
2439
Warning Date
Severity Level
Warning Number
Target Sector
21 February, 2021
● Critical
2021-2502
All
Description:
Dell EMC has released security updates to address multiple vulnerabilities in the following products:
- Dell EMC Avamar
- Dell EMC Avamar Server hardware appliance Gen4S/Gen4T with version 19.3/19.4 running SUSE Linux Enterprise 12 SP5
- Dell EMC Avamar Virtual Edition versions 19.3/19.4 running SUSE Linux Enterprise 12 SP5 (including Azure and AWS deployments)
- Dell EMC Avamar NDMP Accelerator 19.3/19.4 running SUSE Linux Enterprise 12 SP5
- Dell EMC Avamar VMware Image Proxy versions 19.4 running SUSE Linux Enterprise 12 SP5
- Dell EMC NetWorker Virtual Edition (NVE)
- Dell EMC NetWorker Virtual Edition (NVE) versions 19.4 running SUSE Linux Enterprise 12 SP5
- Dell EMC Integrated Data Protection Appliance
- 2.6
- 2.6.1
- Dell X-Series firmware
- versions 3.0.1.2 and older
- Dell PC5500 firmware
- versions 4.1.0.22 and older
- Dell VRTX Switches firmware
- versions 2.0.0.77 and older
- Dell EMC Data Computing Appliance (DCA)
- Versions prior to DCA 4.2.1.0
- Versions prior to Firmware tool 3H00
Threats:
Attacker could exploit these vulnerabilities by doing the following:
- Information disclosure
- Execute arbitrary code
Best practice and Recommendations:
The CERT team encourages users to review Dell EMC security advisory and apply the necessary updates:
- https://www.dell.com/support/kbdoc/en-us/000183192/dsa-2021-039-dell-emc-avamar-and-networker-security-update-for-multiple-components
- https://www.dell.com/support/kbdoc/en-us/000133476/dsa-2020-042-dell-networking-security-update-for-an-information-disclosure-vulnerability
- https://www.dell.com/support/kbdoc/en-us/000182694/dsa-2021-022-dell-emc-data-computing-appliance-dca-security-update-for-multiple-third-party-components
Rate the content
Share the page
