Skip to main content
Sign Out

Welcome to Dell

My Account
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.
Sign In Create an Account Premier Sign In Partner Program Sign In

DSA-2019-186: Dell EMC Unisphere for PowerMax, Dell EMC Unisphere for PowerMax Virtual Appliance, Dell EMC Solutions Enabler, Dell EMC Solutions Enabler Virtual Appliance and Dell EMC PowerMax Embedded Management Update for Multiple Third Party Components

Summary: Multiple embedded components within Dell EMC Unisphere for PowerMax, Dell EMC Unisphere for PowerMax Virtual Appliance, Dell EMC Solutions Enabler, Dell EMC Solutions Enabler Virtual Appliance, and Dell EMC PowerMax Embedded Management require a security update to address various vulnerabilities. ...

This article applies to   This article does not apply to 
Check out resources for

Impact

Critical

Details

The following embedded components are updated for the vulnerabilities listed below:  

Dell EMC Unisphere for PowerMax, Dell EMC Unisphere for PowerMax Virtual Appliance, and Dell EMC Solutions Enabler Virtual Appliance was updated to address the following vulnerabilities:   

  • Oracle Java

CVE-2019-2949    CVE-2019-2989    CVE-2019-2958    CVE-2019-2977
CVE-2019-2975    CVE-2019-2999    CVE-2019-2996    CVE-2019-2987
CVE-2019-2962    CVE-2019-2988    CVE-2019-2992    CVE-2019-2964
CVE-2019-2973    CVE-2019-2981    CVE-2019-2978    CVE-2019-2894
CVE-2019-2983    CVE-2019-2933    CVE-2019-2945    CVE-2019-11068

The embedded Windows OS for the MMCS has been updated to address the following vulnerabilities:   

  • Windows Updates

CVE-2019-0887    CVE-2019-1006    CVE-2019-1071    CVE-2019-1073
CVE-2019-1082    CVE-2019-1085    CVE-2019-1088    CVE-2019-1089
CVE-2019-1093    CVE-2019-1094    CVE-2019-1095    CVE-2019-1096
CVE-2019-1097    CVE-2019-1098    CVE-2019-1099    CVE-2019-1100
CVE-2019-1101    CVE-2019-1102    CVE-2019-1108    CVE-2019-1116
CVE-2019-1132    CVE-2019-0683    CVE-2019-0888    CVE-2019-0904
CVE-2019-0905    CVE-2019-0906    CVE-2019-0907    CVE-2019-0908
CVE-2019-0909    CVE-2019-0941    CVE-2019-0943    CVE-2019-0948
CVE-2019-0960    CVE-2019-0968    CVE-2019-0972    CVE-2019-0973
CVE-2019-0974    CVE-2019-0977    CVE-2019-0984    CVE-2019-0985
CVE-2019-0986    CVE-2019-1009    CVE-2019-1010    CVE-2019-1011
CVE-2019-1012    CVE-2019-1013    CVE-2019-1014    CVE-2019-1015
CVE-2019-1016    CVE-2019-1017    CVE-2019-1019    CVE-2019-1025
CVE-2019-1028    CVE-2019-1039    CVE-2019-1040    CVE-2019-1043
CVE-2019-1045    CVE-2019-1046    CVE-2019-1047    CVE-2019-1048
CVE-2019-1049    CVE-2019-1053    CVE-2017-8533    CVE-2019-0708
CVE-2019-0734    CVE-2019-0758    CVE-2019-0863    CVE-2019-0881
CVE-2019-0882    CVE-2019-0885    CVE-2019-0889    CVE-2019-0890
CVE-2019-0891    CVE-2019-0893    CVE-2019-0894    CVE-2019-0895
CVE-2019-0896    CVE-2019-0897    CVE-2019-0898    CVE-2019-0899
CVE-2019-0900    CVE-2019-0901    CVE-2019-0902    CVE-2019-0903
CVE-2019-0936    CVE-2019-0961

  • Internet Explorer

CVE-2019-1001    CVE-2019-1004    CVE-2019-1056    CVE-2019-1059
CVE-2019-1063    CVE-2019-1104

See NVD (http://nvd.nist.gov/) for individual scores for each CVE

The following embedded components are updated for the vulnerabilities listed below:  

Dell EMC Unisphere for PowerMax, Dell EMC Unisphere for PowerMax Virtual Appliance, and Dell EMC Solutions Enabler Virtual Appliance was updated to address the following vulnerabilities:   

  • Oracle Java

CVE-2019-2949    CVE-2019-2989    CVE-2019-2958    CVE-2019-2977
CVE-2019-2975    CVE-2019-2999    CVE-2019-2996    CVE-2019-2987
CVE-2019-2962    CVE-2019-2988    CVE-2019-2992    CVE-2019-2964
CVE-2019-2973    CVE-2019-2981    CVE-2019-2978    CVE-2019-2894
CVE-2019-2983    CVE-2019-2933    CVE-2019-2945    CVE-2019-11068

The embedded Windows OS for the MMCS has been updated to address the following vulnerabilities:   

  • Windows Updates

CVE-2019-0887    CVE-2019-1006    CVE-2019-1071    CVE-2019-1073
CVE-2019-1082    CVE-2019-1085    CVE-2019-1088    CVE-2019-1089
CVE-2019-1093    CVE-2019-1094    CVE-2019-1095    CVE-2019-1096
CVE-2019-1097    CVE-2019-1098    CVE-2019-1099    CVE-2019-1100
CVE-2019-1101    CVE-2019-1102    CVE-2019-1108    CVE-2019-1116
CVE-2019-1132    CVE-2019-0683    CVE-2019-0888    CVE-2019-0904
CVE-2019-0905    CVE-2019-0906    CVE-2019-0907    CVE-2019-0908
CVE-2019-0909    CVE-2019-0941    CVE-2019-0943    CVE-2019-0948
CVE-2019-0960    CVE-2019-0968    CVE-2019-0972    CVE-2019-0973
CVE-2019-0974    CVE-2019-0977    CVE-2019-0984    CVE-2019-0985
CVE-2019-0986    CVE-2019-1009    CVE-2019-1010    CVE-2019-1011
CVE-2019-1012    CVE-2019-1013    CVE-2019-1014    CVE-2019-1015
CVE-2019-1016    CVE-2019-1017    CVE-2019-1019    CVE-2019-1025
CVE-2019-1028    CVE-2019-1039    CVE-2019-1040    CVE-2019-1043
CVE-2019-1045    CVE-2019-1046    CVE-2019-1047    CVE-2019-1048
CVE-2019-1049    CVE-2019-1053    CVE-2017-8533    CVE-2019-0708
CVE-2019-0734    CVE-2019-0758    CVE-2019-0863    CVE-2019-0881
CVE-2019-0882    CVE-2019-0885    CVE-2019-0889    CVE-2019-0890
CVE-2019-0891    CVE-2019-0893    CVE-2019-0894    CVE-2019-0895
CVE-2019-0896    CVE-2019-0897    CVE-2019-0898    CVE-2019-0899
CVE-2019-0900    CVE-2019-0901    CVE-2019-0902    CVE-2019-0903
CVE-2019-0936    CVE-2019-0961

  • Internet Explorer

CVE-2019-1001    CVE-2019-1004    CVE-2019-1056    CVE-2019-1059
CVE-2019-1063    CVE-2019-1104

See NVD (http://nvd.nist.gov/) for individual scores for each CVE

Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products & Remediation

Affected products:  

  • Unisphere for PowerMax versions prior to 9.0.2.16

  • Unisphere for PowerMax Virtual Appliance versions prior to 9.0.2.16

  • Unisphere for PowerMax versions prior to 9.1.0.9

  • Unisphere for PowerMax Virtual Appliance versions prior to 9.1.0.9

  • Solutions Enabler versions prior to 9.0.0.17

  • Solutions Enabler Virtual Appliance versions prior to 9.0.0.17

  • Solutions Enabler versions prior to 9.1.0.3

  • Solutions Enabler Virtual Appliance versions prior to 9.1.0.3

  • PowerMax OS Release 5978


Remediation:
These issues are addressed in Dell EMC PowerMax OS 5978.221.221 and 5978.479.479 by requesting DSA-2019-186 per OPT 564177. Contact Dell EMC Customer Support to request a  PowerMax OS Service Pack containing this fix and for assistance in scheduling this upgrade.

  • Unisphere for PowerMax 9.0.2.16 or later

  • Unisphere for PowerMax Virtual Appliance 9.0.2.16 or later

  • Unisphere for PowerMax 9.1.0.9 or later

  • Unisphere for PowerMax Virtual Appliance 9.1.0.9 or later

  • Solutions Enabler 9.0.0.17 or later

  • Solutions Enabler Virtual Appliance 9.0.0.17 or later

  • Solutions Enabler 9.1.0.3 or later

  • Solutions Enabler Virtual Appliance 9.1.0.3 or later

  • For PowerMax OS Release 5978.221.221 or 5987.479.479

    • Request an ePack for DSA-2019-186 per VMAX OPT 564177

Dell EMC recommends all customers upgrade at the earliest opportunity.

Customers can download software from the Dell Support website at https://www.dell.com/support/home/us/en/19/product-support/product/unisphere-powermax/drivers for:  

  • Unisphere for PowerMax 9.0.2.16

  • EMC Unisphere for VMAX Virtual Appliance 9.0.2.16 OVA and ISO

  • Unisphere for PowerMax 9.1.0.9

  • Unisphere for VMAX Virtual Appliance 9.1.0.9 OVA and ISO.

Customers can download software from the Dell Support website at https://www.dell.com/support/home/us/en/19/product-support/product/solutions-enabler/drivers for:  

  • Solutions Enabler 9.0.0.17

  • Solutions Enabler Virtual Appliance 9.0.0.17 OVA and ISO.

  • Solutions Enabler 9.1.0.3

  • Solutions Enabler Virtual Appliance 9.1.0.3 OVA and ISO.

Open a Service Request to have the hotfix or ePack installed. Contact Dell EMC Support with any questions.


Affected products:  

  • Unisphere for PowerMax versions prior to 9.0.2.16

  • Unisphere for PowerMax Virtual Appliance versions prior to 9.0.2.16

  • Unisphere for PowerMax versions prior to 9.1.0.9

  • Unisphere for PowerMax Virtual Appliance versions prior to 9.1.0.9

  • Solutions Enabler versions prior to 9.0.0.17

  • Solutions Enabler Virtual Appliance versions prior to 9.0.0.17

  • Solutions Enabler versions prior to 9.1.0.3

  • Solutions Enabler Virtual Appliance versions prior to 9.1.0.3

  • PowerMax OS Release 5978


Remediation:
These issues are addressed in Dell EMC PowerMax OS 5978.221.221 and 5978.479.479 by requesting DSA-2019-186 per OPT 564177. Contact Dell EMC Customer Support to request a  PowerMax OS Service Pack containing this fix and for assistance in scheduling this upgrade.

  • Unisphere for PowerMax 9.0.2.16 or later

  • Unisphere for PowerMax Virtual Appliance 9.0.2.16 or later

  • Unisphere for PowerMax 9.1.0.9 or later

  • Unisphere for PowerMax Virtual Appliance 9.1.0.9 or later

  • Solutions Enabler 9.0.0.17 or later

  • Solutions Enabler Virtual Appliance 9.0.0.17 or later

  • Solutions Enabler 9.1.0.3 or later

  • Solutions Enabler Virtual Appliance 9.1.0.3 or later

  • For PowerMax OS Release 5978.221.221 or 5987.479.479

    • Request an ePack for DSA-2019-186 per VMAX OPT 564177

Dell EMC recommends all customers upgrade at the earliest opportunity.

Customers can download software from the Dell Support website at https://www.dell.com/support/home/us/en/19/product-support/product/unisphere-powermax/drivers for:  

  • Unisphere for PowerMax 9.0.2.16

  • EMC Unisphere for VMAX Virtual Appliance 9.0.2.16 OVA and ISO

  • Unisphere for PowerMax 9.1.0.9

  • Unisphere for VMAX Virtual Appliance 9.1.0.9 OVA and ISO.

Customers can download software from the Dell Support website at https://www.dell.com/support/home/us/en/19/product-support/product/solutions-enabler/drivers for:  

  • Solutions Enabler 9.0.0.17

  • Solutions Enabler Virtual Appliance 9.0.0.17 OVA and ISO.

  • Solutions Enabler 9.1.0.3

  • Solutions Enabler Virtual Appliance 9.1.0.3 OVA and ISO.

Open a Service Request to have the hotfix or ePack installed. Contact Dell EMC Support with any questions.


Workarounds & Mitigations

None.

Revision History

Revision

Date

Description

1.0

2019-12-12

Initial Release

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Legal Disclaimer

Affected Products

PowerMax 2000, PowerMax 8000, Product Security Information, Solutions Enabler, Unisphere for PowerMax, VMAX 250F, VMAX 850F, VMAX 950F
Article Properties
Article Number: 000153804
Article Type: Dell Security Advisory
Last Modified: 01 Nov 2021
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.
Article Properties
Article Number: 000153804
Article Type: Dell Security Advisory
Last Modified: 01 Nov 2021
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.