Skip to main content
Sign Out

Welcome to Dell

My Account
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Create and access a list of your products
Sign In Create an Account Premier Sign In Partner Program Sign In

DSA-2021-021 Dell EMC Integrated Data Protection Appliance Security Update for ACM, DP Advisor, vSphere, and BIOS component vulnerabilities

Summary: Dell EMC Integrated Data Protection Appliance 2.6.1 contains remediation for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system. ...

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Impact

Critical

Details

Third-Party Component
 		 CVE(s)  More information
vSphere 6.7 CVE-2020-3960 https://www.vmware.com/security/advisories/VMSA-2020-0012.html
https://www.vmware.com/security/advisories/VMSA-2020-0018.html
https://www.vmware.com/security/advisories/VMSA-2020-0023.html
https://www.vmware.com/security/advisories/VMSA-2020-0026.html
CVE-2020-3976
CVE-2020-3981
CVE-2020-3982
CVE-2020-3992
CVE-2020-3993
CVE-2020-3994
CVE-2020-3995
CVE-2020-4004
CVE-2020-4005
iDRAC9 CVE-2020-5366 https://www.dell.com/support/kbdoc/en-in/000177335/dsa-2020-128-idrac-local-file-inclusion-vulnerability
Data Protection Advisor CVE-2020-10745
 		 See NVD (http://nvd.nist.gov/) for individual scores for each CVE
CVE-2020-10713
 
CVE-2017-12627
Appliance Configuration Manager CVE-2020-10713  See NVD (http://nvd.nist.gov/) for individual scores for each CVE
https://www.oracle.com/security-alerts/cpuoct2020.html#AppendixJAVA
CVE-2020-1971
CVE-2020-14792
CVE-2020-14781
CVE-2020-14782
CVE-2020-14797
CVE-2020-14779
CVE-2020-14796
CVE-2020-14798
Intel® SGX and Intel® TXT CVE-2020-0545 Intel-SA-00329
Intel-SA-00300
Intel-SA-00306
Intel-SA-00308
Intel-SA-00314
Intel-SA-00332



 
CVE-2020-0548
CVE-2019-14600
CVE-2019-14596
CVE-2019-14601
CVE-2019-14615
CVE-2019-14629
VMware vCenter CVE-2021-21972  
CVE-2021-21973
Third-Party Component
 		 CVE(s)  More information
vSphere 6.7 CVE-2020-3960 https://www.vmware.com/security/advisories/VMSA-2020-0012.html
https://www.vmware.com/security/advisories/VMSA-2020-0018.html
https://www.vmware.com/security/advisories/VMSA-2020-0023.html
https://www.vmware.com/security/advisories/VMSA-2020-0026.html
CVE-2020-3976
CVE-2020-3981
CVE-2020-3982
CVE-2020-3992
CVE-2020-3993
CVE-2020-3994
CVE-2020-3995
CVE-2020-4004
CVE-2020-4005
iDRAC9 CVE-2020-5366 https://www.dell.com/support/kbdoc/en-in/000177335/dsa-2020-128-idrac-local-file-inclusion-vulnerability
Data Protection Advisor CVE-2020-10745
 		 See NVD (http://nvd.nist.gov/) for individual scores for each CVE
CVE-2020-10713
 
CVE-2017-12627
Appliance Configuration Manager CVE-2020-10713  See NVD (http://nvd.nist.gov/) for individual scores for each CVE
https://www.oracle.com/security-alerts/cpuoct2020.html#AppendixJAVA
CVE-2020-1971
CVE-2020-14792
CVE-2020-14781
CVE-2020-14782
CVE-2020-14797
CVE-2020-14779
CVE-2020-14796
CVE-2020-14798
Intel® SGX and Intel® TXT CVE-2020-0545 Intel-SA-00329
Intel-SA-00300
Intel-SA-00306
Intel-SA-00308
Intel-SA-00314
Intel-SA-00332



 
CVE-2020-0548
CVE-2019-14600
CVE-2019-14596
CVE-2019-14601
CVE-2019-14615
CVE-2019-14629
VMware vCenter CVE-2021-21972  
CVE-2021-21973
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products & Remediation

Product Affected Version(s) Updated Version(s) Link to Update  
Dell EMC Integrated Data Protection Appliance Versions prior to 2.6.1 2.6.1 IDPA 4x appliances: https://dl.dell.com/downloads/DL102500_IDPA-PowerProtect-DP-Series-2.6.1-Upgrade-for-IDPA-DP-4400-Appliances.tar.gz 
IDPA 5x and 8x appliances: https://dl.dell.com/downloads/DL102499_IDPA-PowerProtect-DP-Series-2.6.1-Upgrade-for-IDPA-DP-5xxx-8xxx-Appliances.tar.gz		  
 
 

Note: IDPA 2.6.1 patch is supported only on IDPA 2.6.

Dell EMC recommends all customers upgrade at the earliest opportunity. Firmware (BIOS, iDRAC9) fixes are applied by support. Contact Dell EMC Integrated Data Protection Appliance customer support to download the required upgrade file and install it.
Product Affected Version(s) Updated Version(s) Link to Update  
Dell EMC Integrated Data Protection Appliance Versions prior to 2.6.1 2.6.1 IDPA 4x appliances: https://dl.dell.com/downloads/DL102500_IDPA-PowerProtect-DP-Series-2.6.1-Upgrade-for-IDPA-DP-4400-Appliances.tar.gz 
IDPA 5x and 8x appliances: https://dl.dell.com/downloads/DL102499_IDPA-PowerProtect-DP-Series-2.6.1-Upgrade-for-IDPA-DP-5xxx-8xxx-Appliances.tar.gz		  
 
 

Note: IDPA 2.6.1 patch is supported only on IDPA 2.6.

Dell EMC recommends all customers upgrade at the earliest opportunity. Firmware (BIOS, iDRAC9) fixes are applied by support. Contact Dell EMC Integrated Data Protection Appliance customer support to download the required upgrade file and install it.

Workarounds & Mitigations

None

Revision History

RevisionDateDescription
1.002-04-2021Initial Release

 

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Legal Disclaimer

Affected Products

PowerProtect Data Protection Appliance, PowerProtect Data Protection Software, Integrated Data Protection Appliance Family, PowerProtect Data Protection Hardware, Product Security Information
Article Properties
Article Number: 000182743
Article Type: Dell Security Advisory
Last Modified: 22 May 2021
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.