Skip to main content
Sign Out

Welcome to Dell

My Account
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.
Sign In Create an Account Dell Financial Services Premier Sign In Partner Program Sign In
Contact Us

Your Dell.com Carts

Some article numbers may have changed. If this isn't what you're looking for, try searching all articles. Search articles

DSA-2020-279: Dell EMC PowerFlex rack Security Update for Multiple Third-Party Component Vulnerabilities

Summary: Dell EMC PowerFlex rack contains remediation for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

This article applies to   This article does not apply to 
Check out resources for

Impact

Critical

Details

Third-Party Component CVE(s) More information
Intel





 		 CVE-2020-0587 INTEL-SA-00358
INTEL-SA-00391
INTEL-SA-00390
CVE-2020-0588
CVE-2020-0590
CVE-2020-0591
CVE-2020-0592
CVE-2020-0593
CVE-2020-8705
CVE-2020-8696
CVE-2020-8674
CVE-2020-8738
CVE-2020-8739
CVE-2020-8740
VMware CVE-2020-3981 VMSA-2020-0023
VMSA-2020-0018
VMSA-2020-0026
CVE-2020-3982
CVE-2020-3992
CVE-2020-3993
CVE-2020-3994
CVE-2020-3995
CVE-2020-3976
CVE-2020-4004
CVE-2020-4005
Cisco N9332PQ and N93180YC-EX Switches CVE-2020-3175 See NVD (http://nvd.nist.gov/) for individual scores for each CVE
CVE-2020-10136
CVE-2020-3217
CVE-2020-3228
CVE-2018-0307
CVE-2018-0306
CVE-2020-3454
CVE-2020-3517
CVE-2020-3398
CVE-2020-3397
CVE-2020-3415
CVE-2020-3338
CVE-2020-3394
Third-Party Component CVE(s) More information
Intel





 		 CVE-2020-0587 INTEL-SA-00358
INTEL-SA-00391
INTEL-SA-00390
CVE-2020-0588
CVE-2020-0590
CVE-2020-0591
CVE-2020-0592
CVE-2020-0593
CVE-2020-8705
CVE-2020-8696
CVE-2020-8674
CVE-2020-8738
CVE-2020-8739
CVE-2020-8740
VMware CVE-2020-3981 VMSA-2020-0023
VMSA-2020-0018
VMSA-2020-0026
CVE-2020-3982
CVE-2020-3992
CVE-2020-3993
CVE-2020-3994
CVE-2020-3995
CVE-2020-3976
CVE-2020-4004
CVE-2020-4005
Cisco N9332PQ and N93180YC-EX Switches CVE-2020-3175 See NVD (http://nvd.nist.gov/) for individual scores for each CVE
CVE-2020-10136
CVE-2020-3217
CVE-2020-3228
CVE-2018-0307
CVE-2018-0306
CVE-2020-3454
CVE-2020-3517
CVE-2020-3398
CVE-2020-3397
CVE-2020-3415
CVE-2020-3338
CVE-2020-3394
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products & Remediation

CVEs Product Affected RCM Versions Updated RCM Versions Link to Update
CVE-2020-0587 PowerFlex rack Versions prior to 3.3.9.0

Versions prior to 3.4.4.0

Versions prior to 3.5.4.0		 3.3.9.0



3.4.4.0



3.5.4.0		 For RCM release information: https://cpsdocs.dellemc.com/rcm/#/home.

For RCM download: https://vce.flexnetoperations.com/control/vcec/product?plneID=740417
 
CVE-2020-0588
CVE-2020-0590
CVE-2020-0591
CVE-2020-0592
CVE-2020-0593
CVE-2020-8705
CVE-2020-8696
CVE-2020-8674
CVE-2020-8738
CVE-2020-8739
CVE-2020-8740
CVE-2020-3981
CVE-2020-3982
CVE-2020-3992
CVE-2020-3993
CVE-2020-3994
CVE-2020-3995
CVE-2020-3976
CVE-2020-4004
CVE-2020-3175 PowerFlex rack 3.3.5.0 - 3.3.8.2

3.4.0.0 - 3.4.3.1

3.5.0.0-3.5.3.1
 		 3.3.9.0


3.4.3.2 


3.5.3.2
CVE-2020-10136
CVE-2020-3217
CVE-2020-3228
CVE-2018-0307
CVE-2018-0306
CVE-2020-3454
CVE-2020-3517
CVE-2020-3398
CVE-2020-3397
CVE-2020-3415
CVE-2020-3338
CVE-2020-3394
CVEs Product Affected RCM Versions Updated RCM Versions Link to Update
CVE-2020-0587 PowerFlex rack Versions prior to 3.3.9.0

Versions prior to 3.4.4.0

Versions prior to 3.5.4.0		 3.3.9.0



3.4.4.0



3.5.4.0		 For RCM release information: https://cpsdocs.dellemc.com/rcm/#/home.

For RCM download: https://vce.flexnetoperations.com/control/vcec/product?plneID=740417
 
CVE-2020-0588
CVE-2020-0590
CVE-2020-0591
CVE-2020-0592
CVE-2020-0593
CVE-2020-8705
CVE-2020-8696
CVE-2020-8674
CVE-2020-8738
CVE-2020-8739
CVE-2020-8740
CVE-2020-3981
CVE-2020-3982
CVE-2020-3992
CVE-2020-3993
CVE-2020-3994
CVE-2020-3995
CVE-2020-3976
CVE-2020-4004
CVE-2020-3175 PowerFlex rack 3.3.5.0 - 3.3.8.2

3.4.0.0 - 3.4.3.1

3.5.0.0-3.5.3.1
 		 3.3.9.0


3.4.3.2 


3.5.3.2
CVE-2020-10136
CVE-2020-3217
CVE-2020-3228
CVE-2018-0307
CVE-2018-0306
CVE-2020-3454
CVE-2020-3517
CVE-2020-3398
CVE-2020-3397
CVE-2020-3415
CVE-2020-3338
CVE-2020-3394

Workarounds & Mitigations

None

Revision History

RevisionDateDescription
1.02020-12-14Initial Release

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Legal Disclaimer

Affected Products

PowerFlex rack
Article Properties
Article Number: 000181211
Article Type: Dell Security Advisory
Last Modified: 22 May 2021
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.
Article Properties
Article Number: 000181211
Article Type: Dell Security Advisory
Last Modified: 22 May 2021
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.