Skip to main content
Sign Out

Welcome to Dell

My Account
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.
Sign In Create an Account Dell Financial Services Premier Sign In Partner Program Sign In
Contact Us

Your Dell.com Carts

DSA-2021-148: Dell PowerFlex Appliance Security Update for Multiple Third-Party Component Vulnerabilities

Summary: Dell PowerFlex Appliance remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system.

This article applies to   This article does not apply to 
Check out resources for

Impact

High

Details

Third-Party Component CVEs More information
Intel
 		 CVE-2020-24511 INTEL-SA-00463
INTEL-SA-00464
 
CVE-2020-12358
CVE-2020-12360
CVE-2020-24486
Dell Server iDRAC CVE-2020-26198

DSA-2020-268: Dell EMC iDRAC9 Reflected XSS Vulnerability 
Third-Party Component CVEs More information
Intel
 		 CVE-2020-24511 INTEL-SA-00463
INTEL-SA-00464
 
CVE-2020-12358
CVE-2020-12360
CVE-2020-24486
Dell Server iDRAC CVE-2020-26198

DSA-2020-268: Dell EMC iDRAC9 Reflected XSS Vulnerability 
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products & Remediation

CVEs Addressed Product Affected Versions Updated Versions Link to Update
CVE-2020-24511 PowerFlex Appliance Versions before Intelligent Catalog 37.355.00.r16

Versions before Intelligent Catalog 37.361.00.r14		 Intelligent Catalog 37.355.00.r16


Intelligent Catalog 37.361.00.r14		 For IC downloads:
https://www.dell.com/support/home/en-us/product-support/product/vxflex-appliance-sw/drivers
CVE-2020-12358
CVE-2020-12360
CVE-2020-24486
CVE-2020-26198
CVEs Addressed Product Affected Versions Updated Versions Link to Update
CVE-2020-24511 PowerFlex Appliance Versions before Intelligent Catalog 37.355.00.r16

Versions before Intelligent Catalog 37.361.00.r14		 Intelligent Catalog 37.355.00.r16


Intelligent Catalog 37.361.00.r14		 For IC downloads:
https://www.dell.com/support/home/en-us/product-support/product/vxflex-appliance-sw/drivers
CVE-2020-12358
CVE-2020-12360
CVE-2020-24486
CVE-2020-26198

Revision History

RevisionDateDescription
1.02021-07-07Initial Release
2.02021-07-14Removed VMware component which is addressed in DSA-2021-128: Dell PowerFlex Appliance Security Update for VMware vCenter Server Component Vulnerabilities

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Legal Disclaimer

Affected Products

PowerFlex Appliance, Product Security Information, PowerFlex appliance R640, PowerFlex appliance R740XD, PowerFlex appliance R840
Article Properties
Article Number: 000189435
Article Type: Dell Security Advisory
Last Modified: 30 Jul 2021
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.
Article Properties
Article Number: 000189435
Article Type: Dell Security Advisory
Last Modified: 30 Jul 2021
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.