Skip to main content
Sign Out

Welcome to Dell

My Account
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.
Sign In Create an Account Premier Sign In Partner Program Sign In

DSA-2020-062: Dell EMC Unisphere for PowerMax, Unisphere for PowerMax Virtual Appliance, Solutions Enabler, Solutions Enabler Virtual Appliance, and PowerMax Embedded Management Security Update for Multiple Third Party Component Vulnerabilities

This article applies to   This article does not apply to 
Check out resources for

Impact

Critical

Details

Summary:   

Multiple third party components within Dell EMC Unisphere for PowerMax, Dell EMC Unisphere for PowerMax Virtual Appliance, Dell EMC Solutions Enabler, Dell EMC Solutions Enabler Virtual Appliance, and Dell EMC PowerMax Embedded Management require a security update to address various vulnerabilities.

The components are updated for the following vulnerabilities:   

  • Dell EMC Unisphere for PowerMax, Dell EMC Unisphere for PowerMax Virtual Appliance, and Dell EMC Solutions Enabler Virtual Appliance

    • Oracle Java

CVE-2020-2604    CVE-2020-2601    CVE-2020-2585    CVE-2020-2655
CVE-2020-2593    CVE-2020-2654    CVE-2020-2590    CVE-2020-2659
CVE-2020-2583    CVE-2019-16168  CVE-2019-13117  CVE-2019-13118

  • Dell EMC Solutions Enabler

    • OpenSSL

CVE-2019-1552    CVE-2019-1563    CVE-2019-1551    CVE-2019-1547
CVE-2019-1559    CVE-2019-12572  CVE-2018-0734    CVE-2018-0732
CVE-2017-3737    CVE-2017-3731    CVE-2017-3738    CVE-2017-3732
CVE-2016-8610    CVE-2016-2107    CVE-2016-0702    CVE-2016-0797
CVE-2016-0799    CVE-2016-2842    CVE-2016-0703    CVE-2016-0704
CVE-2016-0800    CVE-2016-6304    CVE-2016-6306    CVE-2016-2105
CVE-2016-2106    CVE-2016-0701    CVE-2016-2109    CVE-2015-1794
CVE-2015-1787    CVE-2015-3197    CVE-2015-3194    CVE-2015-3195
CVE-2015-3196    CVE-2015-1792    CVE-2015-0207    CVE-2015-0208
CVE-2015-0285    CVE-2015-0288    CVE-2015-0290    CVE-2015-0291
CVE-2015-0293    CVE-2015-3193    CVE-2015-1788    CVE-2015-1789
CVE-2015-1790    CVE-2015-1791    CVE-2015-0209    CVE-2015-0286
CVE-2015-0287    CVE-2015-0289    CVE-2013-6449

  • The embedded Windows OS for the MMCS

    • MMCS (OS and Internet Explorer)

CVE-2020-0607    CVE-2020-0615    CVE-2020-0608    CVE-2020-0611
CVE-2020-0620    CVE-2020-0625    CVE-2020-0626    CVE-2020-0627
CVE-2020-0628    CVE-2020-0629    CVE-2020-0630    CVE-2020-0632
CVE-2020-0631    CVE-2020-0634    CVE-2020-0635    CVE-2020-0639
CVE-2020-0643    CVE-2020-0642    CVE-2020-0640    CVE-2020-0673
CVE-2020-0674    CVE-2019-1458    CVE-2019-1469    CVE-2019-1474
CVE-2019-1478    CVE-2019-1488    CVE-2019-1453    CVE-2019-1465
CVE-2019-1466    CVE-2019-1467    CVE-2019-1468    CVE-2019-1481
CVE-2019-1480    CVE-2019-1484    CVE-2019-1485    CVE-2019-1384
CVE-2019-1388    CVE-2019-1391    CVE-2019-1393    CVE-2019-1394
CVE-2019-1395    CVE-2019-1407    CVE-2019-1411    CVE-2019-1409
CVE-2019-1415    CVE-2019-1418    CVE-2019-1419    CVE-2019-1424
CVE-2019-1432    CVE-2019-1433    CVE-2019-1434    CVE-2019-1435
CVE-2019-1438    CVE-2019-1441    CVE-2019-1439    CVE-2019-1456
CVE-2019-1382    CVE-2019-1396    CVE-2019-1405    CVE-2019-1408
CVE-2019-1412    CVE-2019-1406    CVE-2019-1422    CVE-2019-1429
CVE-2019-1390    CVE-2019-11135

For more information about any of the Common Vulnerabilities and Exposures (CVEs) mentioned here, consult the National Vulnerability Database (NVD) at http://nvd.nist.gov/home.cfm.

To search for a particular CVE, use the database s search utility at http://web.nvd.nist.gov/view/vuln/search.

The components are updated for the following vulnerabilities:   

  • Dell EMC Unisphere for PowerMax, Dell EMC Unisphere for PowerMax Virtual Appliance, and Dell EMC Solutions Enabler Virtual Appliance

    • Oracle Java

CVE-2020-2604    CVE-2020-2601    CVE-2020-2585    CVE-2020-2655
CVE-2020-2593    CVE-2020-2654    CVE-2020-2590    CVE-2020-2659
CVE-2020-2583    CVE-2019-16168  CVE-2019-13117  CVE-2019-13118

  • Dell EMC Solutions Enabler

    • OpenSSL

CVE-2019-1552    CVE-2019-1563    CVE-2019-1551    CVE-2019-1547
CVE-2019-1559    CVE-2019-12572  CVE-2018-0734    CVE-2018-0732
CVE-2017-3737    CVE-2017-3731    CVE-2017-3738    CVE-2017-3732
CVE-2016-8610    CVE-2016-2107    CVE-2016-0702    CVE-2016-0797
CVE-2016-0799    CVE-2016-2842    CVE-2016-0703    CVE-2016-0704
CVE-2016-0800    CVE-2016-6304    CVE-2016-6306    CVE-2016-2105
CVE-2016-2106    CVE-2016-0701    CVE-2016-2109    CVE-2015-1794
CVE-2015-1787    CVE-2015-3197    CVE-2015-3194    CVE-2015-3195
CVE-2015-3196    CVE-2015-1792    CVE-2015-0207    CVE-2015-0208
CVE-2015-0285    CVE-2015-0288    CVE-2015-0290    CVE-2015-0291
CVE-2015-0293    CVE-2015-3193    CVE-2015-1788    CVE-2015-1789
CVE-2015-1790    CVE-2015-1791    CVE-2015-0209    CVE-2015-0286
CVE-2015-0287    CVE-2015-0289    CVE-2013-6449

  • The embedded Windows OS for the MMCS

    • MMCS (OS and Internet Explorer)

CVE-2020-0607    CVE-2020-0615    CVE-2020-0608    CVE-2020-0611
CVE-2020-0620    CVE-2020-0625    CVE-2020-0626    CVE-2020-0627
CVE-2020-0628    CVE-2020-0629    CVE-2020-0630    CVE-2020-0632
CVE-2020-0631    CVE-2020-0634    CVE-2020-0635    CVE-2020-0639
CVE-2020-0643    CVE-2020-0642    CVE-2020-0640    CVE-2020-0673
CVE-2020-0674    CVE-2019-1458    CVE-2019-1469    CVE-2019-1474
CVE-2019-1478    CVE-2019-1488    CVE-2019-1453    CVE-2019-1465
CVE-2019-1466    CVE-2019-1467    CVE-2019-1468    CVE-2019-1481
CVE-2019-1480    CVE-2019-1484    CVE-2019-1485    CVE-2019-1384
CVE-2019-1388    CVE-2019-1391    CVE-2019-1393    CVE-2019-1394
CVE-2019-1395    CVE-2019-1407    CVE-2019-1411    CVE-2019-1409
CVE-2019-1415    CVE-2019-1418    CVE-2019-1419    CVE-2019-1424
CVE-2019-1432    CVE-2019-1433    CVE-2019-1434    CVE-2019-1435
CVE-2019-1438    CVE-2019-1441    CVE-2019-1439    CVE-2019-1456
CVE-2019-1382    CVE-2019-1396    CVE-2019-1405    CVE-2019-1408
CVE-2019-1412    CVE-2019-1406    CVE-2019-1422    CVE-2019-1429
CVE-2019-1390    CVE-2019-11135

For more information about any of the Common Vulnerabilities and Exposures (CVEs) mentioned here, consult the National Vulnerability Database (NVD) at http://nvd.nist.gov/home.cfm.

To search for a particular CVE, use the database s search utility at http://web.nvd.nist.gov/view/vuln/search.

Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products & Remediation

Affected products:   

  • Unisphere for PowerMax versions prior to 9.0.2.17

  • Unisphere for PowerMax Virtual Appliance versions prior to 9.0.2.17

  • Unisphere for PowerMax versions prior to 9.1.0.14

  • Unisphere for PowerMax Virtual Appliance versions prior to 9.1.0.14

  • Solutions Enabler versions prior to 9.0.0.18

  • Solutions Enabler Virtual Appliance versions prior to 9.0.0.18

  • Solutions Enabler versions prior to 9.1.0.5

  • Solutions Enabler Virtual Appliance versions prior to 9.1.0.5

  • PowerMax OS Release 5978


Remediation:
The following product releases contain  resolutions to these vulnerabilities:    

  • Unisphere for PowerMax 9.0.2.17 or later

  • Unisphere for PowerMax Virtual Appliance 9.0.2.17 or later

  • Unisphere for PowerMax 9.1.0.14 or later

  • Unisphere for PowerMax Virtual Appliance 9.1.0.14 or later

  • Solutions Enabler 9.0.0.18 or later

  • Solutions Enabler Virtual Appliance 9.0.0.18 or later

  • Solutions Enabler 9.1.0.5 or later

  • Solutions Enabler Virtual Appliance 9.1.0.5 or later

  • For PowerMax OS Release 5978.221.221 or 5978.479.479

    • Request an ePack for DSA-2020-062 per VMAX OPT 568208

Dell EMC recommends all customers upgrade at the earliest opportunity.


Link to Remedies:
Customers can download software from the following URLs:   

Unisphere for:   

  • Unisphere for PowerMax 9.0.2.17

  • Unisphere for VMAX Virtual Appliance 9.0.2.17 OVA and ISO

  • Unisphere for PowerMax 9.1.0.14

  • Unisphere for VMAX Virtual Appliance 9.1.0.14 OVA and ISO.

at https://www.dell.com/support/home/us/en/19/product-support/product/unisphere-powermax/drivers

Solutions Enabler for:   

  • Solutions Enabler 9.0.0.18

  • Solutions Enabler Virtual Appliance 9.0.0.18 OVA and ISO.

  • Solutions Enabler 9.1.0.5

  • Solutions Enabler Virtual Appliance 9.1.0.5 OVA and ISO.

at https://www.dell.com/support/home/us/en/19/product-support/product/solutions-enabler/drivers



Affected products:   

  • Unisphere for PowerMax versions prior to 9.0.2.17

  • Unisphere for PowerMax Virtual Appliance versions prior to 9.0.2.17

  • Unisphere for PowerMax versions prior to 9.1.0.14

  • Unisphere for PowerMax Virtual Appliance versions prior to 9.1.0.14

  • Solutions Enabler versions prior to 9.0.0.18

  • Solutions Enabler Virtual Appliance versions prior to 9.0.0.18

  • Solutions Enabler versions prior to 9.1.0.5

  • Solutions Enabler Virtual Appliance versions prior to 9.1.0.5

  • PowerMax OS Release 5978


Remediation:
The following product releases contain  resolutions to these vulnerabilities:    

  • Unisphere for PowerMax 9.0.2.17 or later

  • Unisphere for PowerMax Virtual Appliance 9.0.2.17 or later

  • Unisphere for PowerMax 9.1.0.14 or later

  • Unisphere for PowerMax Virtual Appliance 9.1.0.14 or later

  • Solutions Enabler 9.0.0.18 or later

  • Solutions Enabler Virtual Appliance 9.0.0.18 or later

  • Solutions Enabler 9.1.0.5 or later

  • Solutions Enabler Virtual Appliance 9.1.0.5 or later

  • For PowerMax OS Release 5978.221.221 or 5978.479.479

    • Request an ePack for DSA-2020-062 per VMAX OPT 568208

Dell EMC recommends all customers upgrade at the earliest opportunity.


Link to Remedies:
Customers can download software from the following URLs:   

Unisphere for:   

  • Unisphere for PowerMax 9.0.2.17

  • Unisphere for VMAX Virtual Appliance 9.0.2.17 OVA and ISO

  • Unisphere for PowerMax 9.1.0.14

  • Unisphere for VMAX Virtual Appliance 9.1.0.14 OVA and ISO.

at https://www.dell.com/support/home/us/en/19/product-support/product/unisphere-powermax/drivers

Solutions Enabler for:   

  • Solutions Enabler 9.0.0.18

  • Solutions Enabler Virtual Appliance 9.0.0.18 OVA and ISO.

  • Solutions Enabler 9.1.0.5

  • Solutions Enabler Virtual Appliance 9.1.0.5 OVA and ISO.

at https://www.dell.com/support/home/us/en/19/product-support/product/solutions-enabler/drivers



Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Legal Disclaimer

Affected Products

PowerMax

Product

PowerMax, PowerMax 2000, PowerMax 8000, PowerMaxOS 5978, Product Security Information, Solutions Enabler, Unisphere for PowerMax, VMAX 250F, VMAX 450F, VMAX 850F, VMAX 950F
Article Properties
Article Number: 000153922
Article Type: Dell Security Advisory
Last Modified: 22 May 2021
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.
Article Properties
Article Number: 000153922
Article Type: Dell Security Advisory
Last Modified: 22 May 2021
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.