The official site for Saudi CERT
DELL EMCUpdates
2635
Warning Date
Severity Level
Warning Number
Target Sector
29 September, 2020
● Critical
2020-1850
All
Description:
DELL EMC has released a security update to address several vulnerabilities in the following products:
- Dell EMC Unisphere for PowerMax
- Oracle
- Bootstrap
- Dell EMC Unisphere for PowerMax Virtual Appliance
- Oracle
- Bootstrap
- Dell EMC Solutions Enabler Virtual Appliance
- Oracle
- Bootstrap
- Dell EMC PowerMax Embedded Management
- Oracle
- Bootstrap
- Dell EMC CloudBoost virtual appliance
- wpasupplicant
- systemd
- openssl
- openssh
- lrzsz
- libsndfile1
- libpolkit
- libmysqlclient
- libmspack0
- libgif7
- libgdk
- libdb5.3
- libc
- dbus
- binutils
- bind9
- libxml
- bind9-host
- cpio
- curl
- dbus
- e2fsprogs
- intel-microcode
- libc-bin
- libcups2
- libdb5.3
- libfreetype6
- libgcrypt20
- libgdk-pixbuf2.0-0
- libgif7
- libmysqlclient-dev
- libpcap0.8
- libsasl2-2
- libsndfile1
- libxml2
- linux-image-4.4.0-174-generic
- Login
- Memcached
- Nokogiri
- Ntpdate
- openjdk-8-jdk
- python2.7
- python3.5
- python-twisted
- vim
- apache2
Threats:
Attacker could exploit these vulnerabilities by doing the following:
- Unauthorized disclosure of information
- Bypass of a protection mechanism
- Escalation of privilege
Best practice and Recommendations:
The CERT team encourages users to review DELL EMC security advisory and apply the necessary updates:
- https://www.dell.com/support/security/en-us/details/546585/DSA-2020-223-Dell-EMC-CloudBoost-virtual-appliance-Security-Update-for-Multiple-Third-Party-Compo
- https://www.dell.com/support/security/en-us/details/546586/DSA-2020-221-Dell-EMC-Unisphere-for-PowerMax-Dell-EMC-Unisphere-for-PowerMax-Virtual-Appliance#
Rate the content
Share the page
