Skip to main content
Sign Out

Welcome to Dell

My Account
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Create and access a list of your products
Sign In Create an Account Premier Sign In Partner Program Sign In

DSA-2019-095: Dell EMC Unisphere for PowerMax, Dell EMC Unisphere for PowerMax Virtual Appliance, Dell EMC Solutions Enabler Virtual Appliance, and Dell EMC PowerMax Embedded Management Update for Multiple Vulnerabilities in Embedded Components

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Impact

Critical

Details

Summary:  

Multiple embedded components within Dell EMC Unisphere for PowerMax, Dell EMC Unisphere for PowerMax Virtual Appliance, Dell EMC Solutions Enabler Virtual Appliance, and Dell EMC PowerMax Embedded Management requires a security update to address various vulnerabilities.

The following embedded components are updated for the vulnerabilities listed below. Dell EMC Unisphere for PowerMax, Dell EMC Unisphere for PowerMax Virtual Appliance, and Dell EMC Solutions Enabler Virtual Appliance was updated to address the following vulnerabilities:  

  • Oracle Java

CVE-2019-2699    CVE-2019-2697    CVE-2019-2698    CVE-2019-2602
CVE-2019-2684

The embedded Windows OS for the MMCS has been updated to address the following vulnerabilities:  

  • Windows Updates

CVE-2019-0595    CVE-2019-0596    CVE-2019-0597    CVE-2019-0598
CVE-2019-0599    CVE-2019-0600    CVE-2019-0601    CVE-2019-0602
CVE-2019-0603    CVE-2019-0606    CVE-2019-0609    CVE-2019-0613
CVE-2019-0614    CVE-2019-0615    CVE-2019-0616    CVE-2019-0617
CVE-2019-0618    CVE-2019-0619    CVE-2019-0621    CVE-2019-0623
CVE-2019-0625    CVE-2019-0626    CVE-2019-0628    CVE-2019-0630
CVE-2019-0636    CVE-2019-0654    CVE-2019-0657    CVE-2019-0660
CVE-2019-0661    CVE-2019-0662    CVE-2019-0663    CVE-2019-0664
CVE-2019-0665    CVE-2019-0666    CVE-2019-0667    CVE-2019-0671
CVE-2019-0673    CVE-2019-0674    CVE-2019-0676    CVE-2019-0680
CVE-2019-0683    CVE-2019-0702    CVE-2019-0703    CVE-2019-0704
CVE-2019-0730    CVE-2019-0731    CVE-2019-0732    CVE-2019-0735
CVE-2019-0746    CVE-2019-0752    CVE-2019-0753    CVE-2019-0754
CVE-2019-0755    CVE-2019-0756    CVE-2019-0759    CVE-2019-0761
CVE-2019-0762    CVE-2019-0763    CVE-2019-0764    CVE-2019-0765
CVE-2019-0767    CVE-2019-0772    CVE-2019-0774    CVE-2019-0775
CVE-2019-0780    CVE-2019-0782    CVE-2019-0783    CVE-2019-0784
CVE-2019-0791    CVE-2019-0792    CVE-2019-0793    CVE-2019-0794
CVE-2019-0795    CVE-2019-0796    CVE-2019-0802    CVE-2019-0803
CVE-2019-0805    CVE-2019-0808    CVE-2019-0821    CVE-2019-0835
CVE-2019-0836    CVE-2019-0838    CVE-2019-0839    CVE-2019-0842
CVE-2019-0844    CVE-2019-0845    CVE-2019-0846    CVE-2019-0847
CVE-2019-0848    CVE-2019-0849    CVE-2019-0851    CVE-2019-0853
CVE-2019-0856    CVE-2019-0859    CVE-2019-0862    CVE-2019-0877
CVE-2019-0879

See NVD (http://nvd.nist.gov/) for individual scores for each CVE

The following embedded components are updated for the vulnerabilities listed below. Dell EMC Unisphere for PowerMax, Dell EMC Unisphere for PowerMax Virtual Appliance, and Dell EMC Solutions Enabler Virtual Appliance was updated to address the following vulnerabilities:  

  • Oracle Java

CVE-2019-2699    CVE-2019-2697    CVE-2019-2698    CVE-2019-2602
CVE-2019-2684

The embedded Windows OS for the MMCS has been updated to address the following vulnerabilities:  

  • Windows Updates

CVE-2019-0595    CVE-2019-0596    CVE-2019-0597    CVE-2019-0598
CVE-2019-0599    CVE-2019-0600    CVE-2019-0601    CVE-2019-0602
CVE-2019-0603    CVE-2019-0606    CVE-2019-0609    CVE-2019-0613
CVE-2019-0614    CVE-2019-0615    CVE-2019-0616    CVE-2019-0617
CVE-2019-0618    CVE-2019-0619    CVE-2019-0621    CVE-2019-0623
CVE-2019-0625    CVE-2019-0626    CVE-2019-0628    CVE-2019-0630
CVE-2019-0636    CVE-2019-0654    CVE-2019-0657    CVE-2019-0660
CVE-2019-0661    CVE-2019-0662    CVE-2019-0663    CVE-2019-0664
CVE-2019-0665    CVE-2019-0666    CVE-2019-0667    CVE-2019-0671
CVE-2019-0673    CVE-2019-0674    CVE-2019-0676    CVE-2019-0680
CVE-2019-0683    CVE-2019-0702    CVE-2019-0703    CVE-2019-0704
CVE-2019-0730    CVE-2019-0731    CVE-2019-0732    CVE-2019-0735
CVE-2019-0746    CVE-2019-0752    CVE-2019-0753    CVE-2019-0754
CVE-2019-0755    CVE-2019-0756    CVE-2019-0759    CVE-2019-0761
CVE-2019-0762    CVE-2019-0763    CVE-2019-0764    CVE-2019-0765
CVE-2019-0767    CVE-2019-0772    CVE-2019-0774    CVE-2019-0775
CVE-2019-0780    CVE-2019-0782    CVE-2019-0783    CVE-2019-0784
CVE-2019-0791    CVE-2019-0792    CVE-2019-0793    CVE-2019-0794
CVE-2019-0795    CVE-2019-0796    CVE-2019-0802    CVE-2019-0803
CVE-2019-0805    CVE-2019-0808    CVE-2019-0821    CVE-2019-0835
CVE-2019-0836    CVE-2019-0838    CVE-2019-0839    CVE-2019-0842
CVE-2019-0844    CVE-2019-0845    CVE-2019-0846    CVE-2019-0847
CVE-2019-0848    CVE-2019-0849    CVE-2019-0851    CVE-2019-0853
CVE-2019-0856    CVE-2019-0859    CVE-2019-0862    CVE-2019-0877
CVE-2019-0879

See NVD (http://nvd.nist.gov/) for individual scores for each CVE

Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products & Remediation

Affected products:  

  • Unisphere for PowerMax versions prior to 9.0.2.12

  • Unisphere for PowerMax Virtual Appliance versions prior to 9.0.2.12

  • Solutions Enabler Virtual Appliance versions prior to 9.0.0.14

  • PowerMax OS Release 5978.221.221 and earlier


Remediation:
These issues are addressed in Dell EMC PowerMax OS 5978 by requesting DSA-2019-095. Contact Dell EMC Customer Support to request a PowerMax OS Service Pack containing this fix and for assistance in scheduling this upgrade.

  • Unisphere for PowerMax 9.0.2.12 or later

  • Unisphere for PowerMax Virtual Appliance 9.0.2.12 or later

  • Solutions Enabler Virtual Appliance ISO Upgrade 9.0.0.14 or later

  • Solutions Enabler Virtual Appliance OVA 9.0.0.14 or later

  • For PowerMax OS Release 5978

    • Request an ePack for DSA-2019-095 per VMAX OPT 557008

Dell EMC recommends all customers upgrade at the earliest opportunity. Dell recommends customers to follow security best practices for malware protection to help prevent possible exploitation of these vulnerabilities. These practices include, but are not limited to, promptly deploying software updates, avoiding unknown hyperlinks and websites, never downloading files or applications from unknown sources, and employing up-to-date anti-virus and advanced threat protection solutions.


Link to Remedies:
Customers can download software for Unisphere for PowerMax 9.0.2.12 and EMC Unisphere for VMAX Virtual Appliance 9.0.2.12OVA and ISO from https://support.emc.com/downloads/44740_Unisphere-for-PowerMax.

Customers can download software for Solutions Enabler Virtual Appliance 9.0.0.14 OVA and ISO from https://support.emc.com/downloads/2071_Solutions-Enabler

Registered Dell EMC Online Support customers are recommended to contact Dell EMC Customer Support for all fixes as they are not available from the online support download page.  Please open a Service Request to have the hotfix or ePack installed.  Please contact Dell EMC Support with any questions.



Affected products:  

  • Unisphere for PowerMax versions prior to 9.0.2.12

  • Unisphere for PowerMax Virtual Appliance versions prior to 9.0.2.12

  • Solutions Enabler Virtual Appliance versions prior to 9.0.0.14

  • PowerMax OS Release 5978.221.221 and earlier


Remediation:
These issues are addressed in Dell EMC PowerMax OS 5978 by requesting DSA-2019-095. Contact Dell EMC Customer Support to request a PowerMax OS Service Pack containing this fix and for assistance in scheduling this upgrade.

  • Unisphere for PowerMax 9.0.2.12 or later

  • Unisphere for PowerMax Virtual Appliance 9.0.2.12 or later

  • Solutions Enabler Virtual Appliance ISO Upgrade 9.0.0.14 or later

  • Solutions Enabler Virtual Appliance OVA 9.0.0.14 or later

  • For PowerMax OS Release 5978

    • Request an ePack for DSA-2019-095 per VMAX OPT 557008

Dell EMC recommends all customers upgrade at the earliest opportunity. Dell recommends customers to follow security best practices for malware protection to help prevent possible exploitation of these vulnerabilities. These practices include, but are not limited to, promptly deploying software updates, avoiding unknown hyperlinks and websites, never downloading files or applications from unknown sources, and employing up-to-date anti-virus and advanced threat protection solutions.


Link to Remedies:
Customers can download software for Unisphere for PowerMax 9.0.2.12 and EMC Unisphere for VMAX Virtual Appliance 9.0.2.12OVA and ISO from https://support.emc.com/downloads/44740_Unisphere-for-PowerMax.

Customers can download software for Solutions Enabler Virtual Appliance 9.0.0.14 OVA and ISO from https://support.emc.com/downloads/2071_Solutions-Enabler

Registered Dell EMC Online Support customers are recommended to contact Dell EMC Customer Support for all fixes as they are not available from the online support download page.  Please open a Service Request to have the hotfix or ePack installed.  Please contact Dell EMC Support with any questions.



Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Legal Disclaimer

Affected Products

Unisphere for PowerMax

Products

PowerMax 2000, PowerMax 8000, Product Security Information, Solutions Enabler, Unisphere for PowerMax, VMAX 250F, VMAX 450F, VMAX 850F, VMAX 950F
Article Properties
Article Number: 000153790
Article Type: Dell Security Advisory
Last Modified: 20 Sep 2024
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.