Dell Update
1746Warning Date
Severity Level
Warning Number
Target Sector
15 April, 2021
● High
2021-2774
All
Description:
Dell EMC has released security update to address multiple vulnerabilities in the following product:
- Dell Networking W-Series
- Aruba Instant
- Dell SRM and Dell Storage Monitoring and Reporting (SMR)
- Navisec CLI
- Dell SRM
- Dell SMR
- Dell Server Platform
- Intel® Ethernet 10G 4P X710/I350 Rndc
- Intel® Ethernet 10G 4P X710 SFP+ rNDC
- Intel® Ethernet 25G 2P XXV710 Adapter Full Height
- Intel® Ethernet OCP Mezzanine
- Intel® 10GbE 4P X710-t Adapter Full Height
- Dell iDRAC 9
- Dell PowerEdge VRTX
- Dell PowerEdge VRTX
- Dell PowerEdge VRTX
- Dell Networking
- Dell Networking X-Series firmware
Threats:
Attacker could exploit these vulnerabilities by doing the following:
- Denial of service attack (DoS)
- Escalation of privilege
Best practice and Recommendations:
The CERT team encourages users to review Dell EMC security advisory and apply the necessary updates:
- https://www.dell.com/support/kbdoc/en-us/000185205/dsa-2020-060-dell-emc-openmanage-enterprise-modular-ome-m-security-update-for-a-bypass-vulnerability
- https://www.dell.com/support/kbdoc/en-us/000185247/dsa-2021-085-dell-networking-w-series-security-update-for-a-w-series-instant-vulnerability
- https://www.dell.com/support/kbdoc/en-us/000185280/dsa-2021-087-dell-emc-srm-and-dell-emc-storage-monitoring-and-reporting-smr-security-update-for-third-party-component
- https://www.dell.com/support/kbdoc/en-us/000185245/dsa-2021-076-dell-emc-server-platform-security-advisory-for-intel-ethernet-700-series-controller-vulnerabilities
- https://www.dell.com/support/kbdoc/en-us/000185293/dsa-2021-073-dell-emc-idrac-9-security-update-for-multiple-vulnerabilities
- https://www.dell.com/support/kbdoc/en-us/000185252/dsa-2020-080-dell-emc-poweredge-vrtx-security-update-for-a-vrtx-switch-module-vulnerability
- https://www.dell.com/support/kbdoc/en-us/000185250/dsa-2021-017-dell-emc-networking-security-update-for-a-weak-cryptography-vulnerability