Critical
Summary:
Multiple third party components within Dell EMC Unisphere for PowerMax, Dell EMC Unisphere for PowerMax Virtual Appliance, Dell EMC Solutions Enabler, Dell EMC Solutions Enabler Virtual Appliance, and Dell EMC PowerMax Embedded Management require a security update to address various vulnerabilities.
The components are updated for the following vulnerabilities:
Oracle Java
CVE-2020-2604 CVE-2020-2601 CVE-2020-2585 CVE-2020-2655
CVE-2020-2593 CVE-2020-2654 CVE-2020-2590 CVE-2020-2659
CVE-2020-2583 CVE-2019-16168 CVE-2019-13117 CVE-2019-13118
OpenSSL
CVE-2019-1552 CVE-2019-1563 CVE-2019-1551 CVE-2019-1547
CVE-2019-1559 CVE-2019-12572 CVE-2018-0734 CVE-2018-0732
CVE-2017-3737 CVE-2017-3731 CVE-2017-3738 CVE-2017-3732
CVE-2016-8610 CVE-2016-2107 CVE-2016-0702 CVE-2016-0797
CVE-2016-0799 CVE-2016-2842 CVE-2016-0703 CVE-2016-0704
CVE-2016-0800 CVE-2016-6304 CVE-2016-6306 CVE-2016-2105
CVE-2016-2106 CVE-2016-0701 CVE-2016-2109 CVE-2015-1794
CVE-2015-1787 CVE-2015-3197 CVE-2015-3194 CVE-2015-3195
CVE-2015-3196 CVE-2015-1792 CVE-2015-0207 CVE-2015-0208
CVE-2015-0285 CVE-2015-0288 CVE-2015-0290 CVE-2015-0291
CVE-2015-0293 CVE-2015-3193 CVE-2015-1788 CVE-2015-1789
CVE-2015-1790 CVE-2015-1791 CVE-2015-0209 CVE-2015-0286
CVE-2015-0287 CVE-2015-0289 CVE-2013-6449
MMCS (OS and Internet Explorer)
CVE-2020-0607 CVE-2020-0615 CVE-2020-0608 CVE-2020-0611
CVE-2020-0620 CVE-2020-0625 CVE-2020-0626 CVE-2020-0627
CVE-2020-0628 CVE-2020-0629 CVE-2020-0630 CVE-2020-0632
CVE-2020-0631 CVE-2020-0634 CVE-2020-0635 CVE-2020-0639
CVE-2020-0643 CVE-2020-0642 CVE-2020-0640 CVE-2020-0673
CVE-2020-0674 CVE-2019-1458 CVE-2019-1469 CVE-2019-1474
CVE-2019-1478 CVE-2019-1488 CVE-2019-1453 CVE-2019-1465
CVE-2019-1466 CVE-2019-1467 CVE-2019-1468 CVE-2019-1481
CVE-2019-1480 CVE-2019-1484 CVE-2019-1485 CVE-2019-1384
CVE-2019-1388 CVE-2019-1391 CVE-2019-1393 CVE-2019-1394
CVE-2019-1395 CVE-2019-1407 CVE-2019-1411 CVE-2019-1409
CVE-2019-1415 CVE-2019-1418 CVE-2019-1419 CVE-2019-1424
CVE-2019-1432 CVE-2019-1433 CVE-2019-1434 CVE-2019-1435
CVE-2019-1438 CVE-2019-1441 CVE-2019-1439 CVE-2019-1456
CVE-2019-1382 CVE-2019-1396 CVE-2019-1405 CVE-2019-1408
CVE-2019-1412 CVE-2019-1406 CVE-2019-1422 CVE-2019-1429
CVE-2019-1390 CVE-2019-11135
For more information about any of the Common Vulnerabilities and Exposures (CVEs) mentioned here, consult the National Vulnerability Database (NVD) at http://nvd.nist.gov/home.cfm.
To search for a particular CVE, use the database s search utility at http://web.nvd.nist.gov/view/vuln/search.
The components are updated for the following vulnerabilities:
Oracle Java
CVE-2020-2604 CVE-2020-2601 CVE-2020-2585 CVE-2020-2655
CVE-2020-2593 CVE-2020-2654 CVE-2020-2590 CVE-2020-2659
CVE-2020-2583 CVE-2019-16168 CVE-2019-13117 CVE-2019-13118
OpenSSL
CVE-2019-1552 CVE-2019-1563 CVE-2019-1551 CVE-2019-1547
CVE-2019-1559 CVE-2019-12572 CVE-2018-0734 CVE-2018-0732
CVE-2017-3737 CVE-2017-3731 CVE-2017-3738 CVE-2017-3732
CVE-2016-8610 CVE-2016-2107 CVE-2016-0702 CVE-2016-0797
CVE-2016-0799 CVE-2016-2842 CVE-2016-0703 CVE-2016-0704
CVE-2016-0800 CVE-2016-6304 CVE-2016-6306 CVE-2016-2105
CVE-2016-2106 CVE-2016-0701 CVE-2016-2109 CVE-2015-1794
CVE-2015-1787 CVE-2015-3197 CVE-2015-3194 CVE-2015-3195
CVE-2015-3196 CVE-2015-1792 CVE-2015-0207 CVE-2015-0208
CVE-2015-0285 CVE-2015-0288 CVE-2015-0290 CVE-2015-0291
CVE-2015-0293 CVE-2015-3193 CVE-2015-1788 CVE-2015-1789
CVE-2015-1790 CVE-2015-1791 CVE-2015-0209 CVE-2015-0286
CVE-2015-0287 CVE-2015-0289 CVE-2013-6449
MMCS (OS and Internet Explorer)
CVE-2020-0607 CVE-2020-0615 CVE-2020-0608 CVE-2020-0611
CVE-2020-0620 CVE-2020-0625 CVE-2020-0626 CVE-2020-0627
CVE-2020-0628 CVE-2020-0629 CVE-2020-0630 CVE-2020-0632
CVE-2020-0631 CVE-2020-0634 CVE-2020-0635 CVE-2020-0639
CVE-2020-0643 CVE-2020-0642 CVE-2020-0640 CVE-2020-0673
CVE-2020-0674 CVE-2019-1458 CVE-2019-1469 CVE-2019-1474
CVE-2019-1478 CVE-2019-1488 CVE-2019-1453 CVE-2019-1465
CVE-2019-1466 CVE-2019-1467 CVE-2019-1468 CVE-2019-1481
CVE-2019-1480 CVE-2019-1484 CVE-2019-1485 CVE-2019-1384
CVE-2019-1388 CVE-2019-1391 CVE-2019-1393 CVE-2019-1394
CVE-2019-1395 CVE-2019-1407 CVE-2019-1411 CVE-2019-1409
CVE-2019-1415 CVE-2019-1418 CVE-2019-1419 CVE-2019-1424
CVE-2019-1432 CVE-2019-1433 CVE-2019-1434 CVE-2019-1435
CVE-2019-1438 CVE-2019-1441 CVE-2019-1439 CVE-2019-1456
CVE-2019-1382 CVE-2019-1396 CVE-2019-1405 CVE-2019-1408
CVE-2019-1412 CVE-2019-1406 CVE-2019-1422 CVE-2019-1429
CVE-2019-1390 CVE-2019-11135
For more information about any of the Common Vulnerabilities and Exposures (CVEs) mentioned here, consult the National Vulnerability Database (NVD) at http://nvd.nist.gov/home.cfm.
To search for a particular CVE, use the database s search utility at http://web.nvd.nist.gov/view/vuln/search.
Affected products:
Unisphere for PowerMax versions prior to 9.0.2.17
Unisphere for PowerMax Virtual Appliance versions prior to 9.0.2.17
Unisphere for PowerMax versions prior to 9.1.0.14
Unisphere for PowerMax Virtual Appliance versions prior to 9.1.0.14
Solutions Enabler versions prior to 9.0.0.18
Solutions Enabler Virtual Appliance versions prior to 9.0.0.18
Solutions Enabler versions prior to 9.1.0.5
Solutions Enabler Virtual Appliance versions prior to 9.1.0.5
PowerMax OS Release 5978
Remediation:
The following product releases contain resolutions to these vulnerabilities:
Unisphere for PowerMax 9.0.2.17 or later
Unisphere for PowerMax Virtual Appliance 9.0.2.17 or later
Unisphere for PowerMax 9.1.0.14 or later
Unisphere for PowerMax Virtual Appliance 9.1.0.14 or later
Solutions Enabler 9.0.0.18 or later
Solutions Enabler Virtual Appliance 9.0.0.18 or later
Solutions Enabler 9.1.0.5 or later
Solutions Enabler Virtual Appliance 9.1.0.5 or later
For PowerMax OS Release 5978.221.221 or 5978.479.479
Request an ePack for DSA-2020-062 per VMAX OPT 568208
Dell EMC recommends all customers upgrade at the earliest opportunity.
Link to Remedies:
Customers can download software from the following URLs:
Unisphere for PowerMax 9.0.2.17
Unisphere for VMAX Virtual Appliance 9.0.2.17 OVA and ISO
Unisphere for PowerMax 9.1.0.14
Unisphere for VMAX Virtual Appliance 9.1.0.14 OVA and ISO.
at https://www.dell.com/support/home/us/en/19/product-support/product/unisphere-powermax/drivers
Solutions Enabler for:
Solutions Enabler 9.0.0.18
Solutions Enabler Virtual Appliance 9.0.0.18 OVA and ISO.
Solutions Enabler 9.1.0.5
Solutions Enabler Virtual Appliance 9.1.0.5 OVA and ISO.
at https://www.dell.com/support/home/us/en/19/product-support/product/solutions-enabler/drivers
Affected products:
Unisphere for PowerMax versions prior to 9.0.2.17
Unisphere for PowerMax Virtual Appliance versions prior to 9.0.2.17
Unisphere for PowerMax versions prior to 9.1.0.14
Unisphere for PowerMax Virtual Appliance versions prior to 9.1.0.14
Solutions Enabler versions prior to 9.0.0.18
Solutions Enabler Virtual Appliance versions prior to 9.0.0.18
Solutions Enabler versions prior to 9.1.0.5
Solutions Enabler Virtual Appliance versions prior to 9.1.0.5
PowerMax OS Release 5978
Remediation:
The following product releases contain resolutions to these vulnerabilities:
Unisphere for PowerMax 9.0.2.17 or later
Unisphere for PowerMax Virtual Appliance 9.0.2.17 or later
Unisphere for PowerMax 9.1.0.14 or later
Unisphere for PowerMax Virtual Appliance 9.1.0.14 or later
Solutions Enabler 9.0.0.18 or later
Solutions Enabler Virtual Appliance 9.0.0.18 or later
Solutions Enabler 9.1.0.5 or later
Solutions Enabler Virtual Appliance 9.1.0.5 or later
For PowerMax OS Release 5978.221.221 or 5978.479.479
Request an ePack for DSA-2020-062 per VMAX OPT 568208
Dell EMC recommends all customers upgrade at the earliest opportunity.
Link to Remedies:
Customers can download software from the following URLs:
Unisphere for PowerMax 9.0.2.17
Unisphere for VMAX Virtual Appliance 9.0.2.17 OVA and ISO
Unisphere for PowerMax 9.1.0.14
Unisphere for VMAX Virtual Appliance 9.1.0.14 OVA and ISO.
at https://www.dell.com/support/home/us/en/19/product-support/product/unisphere-powermax/drivers
Solutions Enabler for:
Solutions Enabler 9.0.0.18
Solutions Enabler Virtual Appliance 9.0.0.18 OVA and ISO.
Solutions Enabler 9.1.0.5
Solutions Enabler Virtual Appliance 9.1.0.5 OVA and ISO.
at https://www.dell.com/support/home/us/en/19/product-support/product/solutions-enabler/drivers