Security Warnings

Classification
These posts contain security warnings, including digital loopholes, electronic attacks, technical updates, and they are classified base on the level of severity.

Critical

High

Medium

Low

DELL EMC Updates

132

Warning Date: 21 February, 2021

Severity Level ● Critical

Warning Number: 2021-2502

Target Sector: All

Description:

Dell EMC has released security updates to address multiple vulnerabilities in the following products:

  • Dell EMC Avamar
    • Dell EMC Avamar Server hardware appliance Gen4S/Gen4T with version 19.3/19.4 running SUSE Linux Enterprise 12 SP5
    • Dell EMC Avamar Virtual Edition versions 19.3/19.4 running SUSE Linux Enterprise 12 SP5 (including Azure and AWS deployments)
    • Dell EMC Avamar NDMP Accelerator 19.3/19.4 running SUSE Linux Enterprise 12 SP5
    • Dell EMC Avamar VMware Image Proxy versions 19.4 running SUSE Linux Enterprise 12 SP5
  • Dell EMC NetWorker Virtual Edition (NVE)
    • Dell EMC NetWorker Virtual Edition (NVE) versions 19.4 running SUSE Linux Enterprise 12 SP5
  • Dell EMC Integrated Data Protection Appliance
    • 2.6
    • 2.6.1
  • Dell X-Series firmware
    • versions 3.0.1.2 and older
  • Dell PC5500 firmware
    • versions 4.1.0.22 and older
  • Dell VRTX Switches firmware
    • versions 2.0.0.77 and older
  • Dell EMC Data Computing Appliance (DCA)
    • Versions prior to DCA 4.2.1.0
    • Versions prior to Firmware tool 3H00

Threats:

Attacker could exploit these vulnerabilities by doing the following:

  • Information disclosure
  • Execute arbitrary code

Best practice and Recommendations:

The CERT team encourages users to review Dell EMC security advisory and apply the necessary updates:

Last updated at 21 February, 2021