Some article numbers may have changed. If this isn't what you're looking for, try searching all articles. Search articles

Article Number: 000184565

DSA-2021-063: Dell Unisphere for PowerMax, Dell Unisphere for PowerMax Virtual Appliance, Dell Solutions Enabler Virtual Appliance, and Dell PowerMax Embedded Management Security Update for Multiple Third-Party Component Vulnerabilities

Summary: Dell Unisphere for PowerMax, Dell Unisphere for PowerMax Virtual Appliance, Dell Solutions Enabler Virtual Appliance, and Dell PowerMax Embedded Management contains remediation for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system. ...

Article Content

Impact

Critical

Details

Proprietary Code CVE(s)	Description	CVSSBase Score	CVSS Vector String
CVE-2021-21531	Dell Unisphere for PowerMax versions prior to 9.2.1.6 contain an Authorization Bypass Vulnerability. A local authenticated malicious user with monitor role may exploit this vulnerability to perform unauthorized actions.	8.1	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Third-Party Component	CVE(s)	More information
Oracle	CVE-2020-14803	See NVD (http://nvd.nist.gov/) for individual scores for each CVE
Spring Framework	CVE-2020-5421
Spring Framework	CVE-2020-5398
OpenSSL	CVE-2020-1971
Internet Explorer 11	CVE-2020-17053
	CVE-2020-17058
	CVE-2020-17052
Microsoft .NET	CVE-2020-16937
Windows 10	See Windows Advisory for individual CVE IDs

Proprietary Code CVE(s)	Description	CVSSBase Score	CVSS Vector String
CVE-2021-21531	Dell Unisphere for PowerMax versions prior to 9.2.1.6 contain an Authorization Bypass Vulnerability. A local authenticated malicious user with monitor role may exploit this vulnerability to perform unauthorized actions.	8.1	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Third-Party Component	CVE(s)	More information
Oracle	CVE-2020-14803	See NVD (http://nvd.nist.gov/) for individual scores for each CVE
Spring Framework	CVE-2020-5421
Spring Framework	CVE-2020-5398
OpenSSL	CVE-2020-1971
Internet Explorer 11	CVE-2020-17053
	CVE-2020-17058
	CVE-2020-17052
Microsoft .NET	CVE-2020-16937
Windows 10	See Windows Advisory for individual CVE IDs

Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products and Remediation

Product	Affected Version(s)	Updated Version(s)	Link to Update
Unisphere for PowerMax	Versions prior to 9.1.0.26	9.1.0.26 EEM: 9.1.0.855	https://www.dell.com/support/home/en-us/product-support/product/unisphere-powermax/drivers
Unisphere for PowerMax Virtual Appliance	Versions prior to 9.1.0.26	9.1.0.26 EEM: 9.1.0.855	https://www.dell.com/support/home/en-us/product-support/product/unisphere-powermax/drivers
Unisphere for PowerMax	Versions prior to 9.2.1.6	9.2.1.6 EEM: 9.2.1.184	https://www.dell.com/support/home/en-us/product-support/product/unisphere-powermax/drivers
Unisphere for PowerMax Virtual Appliance	Versions prior to 9.2.1.6	9.2.1.6 EEM: 9.2.1.184	https://www.dell.com/support/home/en-us/product-support/product/unisphere-powermax/drivers
Solutions Enabler	Versions prior to 9.1.0.15	9.1.0.15 EEM: 9.1.0.855	https://www.dell.com/support/home/en-us/product-support/product/solutions-enabler/drivers
Solutions Enabler Virtual Appliance	Versions prior to 9.1.0.15	9.1.0.15 EEM: 9.1.0.855	https://www.dell.com/support/home/en-us/product-support/product/solutions-enabler/drivers
Solutions Enabler	Versions prior to 9.2.1.1	9.2.1.1 EEM: 9.2.1.184	https://www.dell.com/support/home/en-us/product-support/product/solutions-enabler/drivers
Solutions Enabler Virtual Appliance	Versions prior to 9.2.1.1	9.2.1.1 EEM: 9.2.1.184	https://www.dell.com/support/home/en-us/product-support/product/solutions-enabler/drivers
PowerMax OS	5978	5978	Request OPT 579961 for Foxtail SR and Hickory SR

Product	Affected Version(s)	Updated Version(s)	Link to Update
Unisphere for PowerMax	Versions prior to 9.1.0.26	9.1.0.26 EEM: 9.1.0.855	https://www.dell.com/support/home/en-us/product-support/product/unisphere-powermax/drivers
Unisphere for PowerMax Virtual Appliance	Versions prior to 9.1.0.26	9.1.0.26 EEM: 9.1.0.855	https://www.dell.com/support/home/en-us/product-support/product/unisphere-powermax/drivers
Unisphere for PowerMax	Versions prior to 9.2.1.6	9.2.1.6 EEM: 9.2.1.184	https://www.dell.com/support/home/en-us/product-support/product/unisphere-powermax/drivers
Unisphere for PowerMax Virtual Appliance	Versions prior to 9.2.1.6	9.2.1.6 EEM: 9.2.1.184	https://www.dell.com/support/home/en-us/product-support/product/unisphere-powermax/drivers
Solutions Enabler	Versions prior to 9.1.0.15	9.1.0.15 EEM: 9.1.0.855	https://www.dell.com/support/home/en-us/product-support/product/solutions-enabler/drivers
Solutions Enabler Virtual Appliance	Versions prior to 9.1.0.15	9.1.0.15 EEM: 9.1.0.855	https://www.dell.com/support/home/en-us/product-support/product/solutions-enabler/drivers
Solutions Enabler	Versions prior to 9.2.1.1	9.2.1.1 EEM: 9.2.1.184	https://www.dell.com/support/home/en-us/product-support/product/solutions-enabler/drivers
Solutions Enabler Virtual Appliance	Versions prior to 9.2.1.1	9.2.1.1 EEM: 9.2.1.184	https://www.dell.com/support/home/en-us/product-support/product/solutions-enabler/drivers
PowerMax OS	5978	5978	Request OPT 579961 for Foxtail SR and Hickory SR

Revision History

Revision	Date	Description
1.0	2021-03-24	Q1 2021 Security Release for PowerMax Foxtail SR and Hickory SR releases.

DSA-2021-063: Dell Unisphere for PowerMax, Dell Unisphere for PowerMax Virtual Appliance, Dell Solutions Enabler Virtual Appliance, and Dell PowerMax Embedded Management Security Update for Multiple Third-Party Component Vulnerabilities

Article Content

Impact

Details

Affected Products and Remediation

Revision History

Related Information

Legal Information

Article Properties

Affected Product

Last Published Date

Article Type

Welcome

Welcome to Dell

DSA-2021-063: Dell Unisphere for PowerMax, Dell Unisphere for PowerMax Virtual Appliance, Dell Solutions Enabler Virtual Appliance, and Dell PowerMax Embedded Management Security Update for Multiple Third-Party Component Vulnerabilities

Article Content

Impact

Details

Affected Products and Remediation

Revision History

Related Information

Legal Information

Article Properties

Affected Product

Last Published Date

Article Type