Some article numbers may have changed. If this isn't what you're looking for, try searching all articles. Search articles

Article Number: 000188563

DSA-2021-127: Dell VxRail Appliance Security Update for Multiple Third-Party Component Vulnerabilities

Summary: Dell VxRail Appliance remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system.

Article Content

Impact

High

Details

Third-Party Component	CVEs	More information
avahi	CVE-2021-3468	Severity: High, see SUSE-SU-2021:1493-1
bind	CVE-2021-25214	Severity: Medium, see SUSE-SU-2021:1471-1
bind	CVE-2021-25215	Severity: Medium, see SUSE-SU-2021:1471-1
curl	CVE-2021-22876	Severity: Medium, see: SUSE-SU-2021:1006-1 SUSE-SU-2021:1762-1
curl	CVE-2021-22898
fribidi	N/A	Severity: High, see SUSE-SU-2021:1655-1
giflib	N/A	Severity: Low, see SUSE-SU-2021:1409-1
gnutls	CVE-2021-20231	Severity: High, see SUSE-SU-2021:0935-1
java-11-openjdk	CVE-2021-2163	Severity: High, see SUSE-SU-2021:1554-1
java-11-openjdk	CVE-2021-2161	Severity: High, see SUSE-SU-2021:1554-1
kernel	CVE-2019-18814	Severity: High, see: SUSE-SU-2021:1238-1 SUSE-SU-2021:1574-1
	CVE-2019-19769
	CVE-2020-25670
	CVE-2020-25671
	CVE-2020-25672
	CVE-2020-25673
	CVE-2020-27170
	CVE-2020-27171
	CVE-2020-27815
	CVE-2020-35519
	CVE-2020-36310
	CVE-2020-36311
	CVE-2020-36312
	CVE-2020-36322
	CVE-2021-27363
	CVE-2021-27364
	CVE-2021-27365
	CVE-2021-28038
	CVE-2021-28375
	CVE-2021-28660
	CVE-2021-28688
	CVE-2021-28950
	CVE-2021-28964
	CVE-2021-28971
	CVE-2021-28972
	CVE-2021-29154
	CVE-2021-29264
	CVE-2021-29265
	CVE-2021-29647
	CVE-2021-30002
	CVE-2021-3428
	CVE-2021-3444
	CVE-2021-3483
	CVE-2021-29650
	CVE-2021-29155
kernel	CVE-2021-29155	Severity: Low, see SUSE-SU-2021:1574-1
libnettle	CVE-2021-20305	Severity: Medium, see SUSE-SU-2021:1412-1
libX11	CVE-2021-31535	Severity: Medium, see SUSE-SU-2021:1765-1
libxml2	CVE-2021-20305	Severity: High, see: SUSE-SU-2021:1523-1 SUSE-SU-2021:1654-1
	CVE-2021-3156
	CVE-2021-3516
	CVE-2021-3517
	CVE-2021-3518
	CVE-2021-3537
lz4	CVE-2021-3520	Severity: High, see SUSE-SU-2021:1647-1
MozillaFirefox	CVE-2021-23981	Severity: Medium, see SUSE-SU-2021:1007-1
nghttp2	CVE-2020-11080	Severity: Medium, see SUSE-SU-2021:0930-1
openssl-1_1	CVE-2020-1971	Severity: Medium, see: SUSE-SU-2020:3721-1 SUSE-SU-2021:0754-1 SUSE-SU-2021:0955-1
	CVE-2021-23840
	CVE-2021-23841
	CVE-2021-3449
postgresql13	CVE-2021-3202	Severity: Medium, see SUSE-SU-2021:1785-1
	CVE-2021-32029
	CVE-2021-32027
python3	CVE-2021-23336	Severity: Medium, see: SUSE-SU-2021:0947-1 SUSE-SU-2021:1557-1 SUSE-SU-2021:1557-1
python3	CVE-2021-3426
ruby2.5	CVE-2020-25613	Severity: Medium, see: SUSE-SU-2021:0933-1 SUSE-SU-2021:1280-1
ruby2.5	CVE-2021-28965
shim	N/A	Severity: High, see SUSE-SU-2021:1564-1
sudo	CVE-2021-3156	Severity: High, see SUSE-SU-2021:1275-1
tar	CVE-2021-20193	Severity: Medium, see SUSE-SU-2021:0974-1
zstd	CVE-2021-24031	Severity: Low, see SUSE-SU-2021:0948-1
zstd	CVE-2021-24032	Severity: Low, see SUSE-SU-2021:0948-1

Third-Party Component	CVEs	More information
avahi	CVE-2021-3468	Severity: High, see SUSE-SU-2021:1493-1
bind	CVE-2021-25214	Severity: Medium, see SUSE-SU-2021:1471-1
bind	CVE-2021-25215	Severity: Medium, see SUSE-SU-2021:1471-1
curl	CVE-2021-22876	Severity: Medium, see: SUSE-SU-2021:1006-1 SUSE-SU-2021:1762-1
curl	CVE-2021-22898
fribidi	N/A	Severity: High, see SUSE-SU-2021:1655-1
giflib	N/A	Severity: Low, see SUSE-SU-2021:1409-1
gnutls	CVE-2021-20231	Severity: High, see SUSE-SU-2021:0935-1
java-11-openjdk	CVE-2021-2163	Severity: High, see SUSE-SU-2021:1554-1
java-11-openjdk	CVE-2021-2161	Severity: High, see SUSE-SU-2021:1554-1
kernel	CVE-2019-18814	Severity: High, see: SUSE-SU-2021:1238-1 SUSE-SU-2021:1574-1
	CVE-2019-19769
	CVE-2020-25670
	CVE-2020-25671
	CVE-2020-25672
	CVE-2020-25673
	CVE-2020-27170
	CVE-2020-27171
	CVE-2020-27815
	CVE-2020-35519
	CVE-2020-36310
	CVE-2020-36311
	CVE-2020-36312
	CVE-2020-36322
	CVE-2021-27363
	CVE-2021-27364
	CVE-2021-27365
	CVE-2021-28038
	CVE-2021-28375
	CVE-2021-28660
	CVE-2021-28688
	CVE-2021-28950
	CVE-2021-28964
	CVE-2021-28971
	CVE-2021-28972
	CVE-2021-29154
	CVE-2021-29264
	CVE-2021-29265
	CVE-2021-29647
	CVE-2021-30002
	CVE-2021-3428
	CVE-2021-3444
	CVE-2021-3483
	CVE-2021-29650
	CVE-2021-29155
kernel	CVE-2021-29155	Severity: Low, see SUSE-SU-2021:1574-1
libnettle	CVE-2021-20305	Severity: Medium, see SUSE-SU-2021:1412-1
libX11	CVE-2021-31535	Severity: Medium, see SUSE-SU-2021:1765-1
libxml2	CVE-2021-20305	Severity: High, see: SUSE-SU-2021:1523-1 SUSE-SU-2021:1654-1
	CVE-2021-3156
	CVE-2021-3516
	CVE-2021-3517
	CVE-2021-3518
	CVE-2021-3537
lz4	CVE-2021-3520	Severity: High, see SUSE-SU-2021:1647-1
MozillaFirefox	CVE-2021-23981	Severity: Medium, see SUSE-SU-2021:1007-1
nghttp2	CVE-2020-11080	Severity: Medium, see SUSE-SU-2021:0930-1
openssl-1_1	CVE-2020-1971	Severity: Medium, see: SUSE-SU-2020:3721-1 SUSE-SU-2021:0754-1 SUSE-SU-2021:0955-1
	CVE-2021-23840
	CVE-2021-23841
	CVE-2021-3449
postgresql13	CVE-2021-3202	Severity: Medium, see SUSE-SU-2021:1785-1
	CVE-2021-32029
	CVE-2021-32027
python3	CVE-2021-23336	Severity: Medium, see: SUSE-SU-2021:0947-1 SUSE-SU-2021:1557-1 SUSE-SU-2021:1557-1
python3	CVE-2021-3426
ruby2.5	CVE-2020-25613	Severity: Medium, see: SUSE-SU-2021:0933-1 SUSE-SU-2021:1280-1
ruby2.5	CVE-2021-28965
shim	N/A	Severity: High, see SUSE-SU-2021:1564-1
sudo	CVE-2021-3156	Severity: High, see SUSE-SU-2021:1275-1
tar	CVE-2021-20193	Severity: Medium, see SUSE-SU-2021:0974-1
zstd	CVE-2021-24031	Severity: Low, see SUSE-SU-2021:0948-1
zstd	CVE-2021-24032	Severity: Low, see SUSE-SU-2021:0948-1

Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products and Remediation

CVEs Addressed	Product	Affected Versions	Updated Version
See below above	Dell VxRail Appliance	7.0.x versions prior to 7.0.202	7.0.202

CVEs Addressed	Product	Affected Versions	Updated Version
See below above	Dell VxRail Appliance	7.0.x versions prior to 7.0.202	7.0.202

Revision History

Revision	Date	Description
1.0	2021-06-15	Initial Release

DSA-2021-127: Dell VxRail Appliance Security Update for Multiple Third-Party Component Vulnerabilities

Summary: Dell VxRail Appliance remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system.

Article Content

Impact

Details

Affected Products and Remediation

Revision History

Related Information

Legal Information

Article Properties

Affected Product

Last Published Date

Article Type

Welcome

Welcome to Dell

DSA-2021-127: Dell VxRail Appliance Security Update for Multiple Third-Party Component Vulnerabilities

Summary: Dell VxRail Appliance remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system.

Article Content

Impact

Details

Affected Products and Remediation

Revision History

Related Information

Legal Information

Article Properties

Affected Product

Last Published Date

Article Type