DSA-2021-198: Dell EMC PowerFlex rack Security Update for Multiple Third-Party Component Vulnerabilities

Table of Contents

Detailed Article

Impact

Details

Affected Products & Remediation

Workarounds & Mitigations

Revision History

Related Info

Legal Disclaimer

Affected Products

Provide Feedback

Summary: Dell EMC PowerFlex rack remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system.

This article applies to This article does not apply to

Check out resources for

Impact

Critical

Details

Component	CVE(s)	CVSS score	More information
VMware ESXi	CVE-2021-21994	7.0	VMSA-2021-0014
VMware ESXi	CVE-2021-21995	5.3	VMSA-2021-0014
vCenter Server	CVE-2021-22005	9.8	VMSA-2021-0020 https://www.vmware.com/security/advisories/VMSA-2021-0020.html Note: This RCM release has fixes only for vSphere 7.0x. Fixes for vSphere 6.5 and 6.7 will be in the future release. See “Workaround” section at the end of this article.
	CVE-2021-21991	4.3-8.8
	CVE-2021-21992
	CVE-2021-21993
	CVE-2021-22006
	CVE-2021-22007
	CVE-2021-22008
	CVE-2021-22009
	CVE-2021-22010
	CVE-2021-22014
	CVE-2021-22015
	CVE-2021-22019
	CVE-2021-22020
Dell Server BIOS Firmware	CVE-2020-12357	7.5	INTEL-SA-00463
Dell Server BIOS Firmware	CVE-2020-12360	5.6	INTEL-SA-00463
iDRAC	CVE-2021-21581	6.5	DSA-2021-133 DSA-2021-177
	CVE-2021-21580	4.3
	CVE-2021-21579	6.1
	CVE-2021-21578	6.1
	CVE-2021-21577	6.1
	CVE-2021-21576	6.1
	CVE-2021-36299	5.9
	CVE-2021-36300	6.5
	CVE-2021-36301	7.1
	CVE-2021-20235	7.1
PowerFlex Manager	CVE-1999-0519	7.5
	CVE-1999-0520	6.4
	CVE-1999-0517	7.5

Component	CVE(s)	CVSS score	More information
VMware ESXi	CVE-2021-21994	7.0	VMSA-2021-0014
VMware ESXi	CVE-2021-21995	5.3	VMSA-2021-0014
vCenter Server	CVE-2021-22005	9.8	VMSA-2021-0020 https://www.vmware.com/security/advisories/VMSA-2021-0020.html Note: This RCM release has fixes only for vSphere 7.0x. Fixes for vSphere 6.5 and 6.7 will be in the future release. See “Workaround” section at the end of this article.
	CVE-2021-21991	4.3-8.8
	CVE-2021-21992
	CVE-2021-21993
	CVE-2021-22006
	CVE-2021-22007
	CVE-2021-22008
	CVE-2021-22009
	CVE-2021-22010
	CVE-2021-22014
	CVE-2021-22015
	CVE-2021-22019
	CVE-2021-22020
Dell Server BIOS Firmware	CVE-2020-12357	7.5	INTEL-SA-00463
Dell Server BIOS Firmware	CVE-2020-12360	5.6	INTEL-SA-00463
iDRAC	CVE-2021-21581	6.5	DSA-2021-133 DSA-2021-177
	CVE-2021-21580	4.3
	CVE-2021-21579	6.1
	CVE-2021-21578	6.1
	CVE-2021-21577	6.1
	CVE-2021-21576	6.1
	CVE-2021-36299	5.9
	CVE-2021-36300	6.5
	CVE-2021-36301	7.1
	CVE-2021-20235	7.1
PowerFlex Manager	CVE-1999-0519	7.5
	CVE-1999-0520	6.4
	CVE-1999-0517	7.5

Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products & Remediation

CVE(s) Addressed	Component	Affected Version(s)	Updated Version(s)	Fix package include in RCM
CVE-2021-21994	ESXi	Versions prior to 3.3.10.1	3.3.10.1	6.5 Update 3 Express Patch 24 (Build Number 18071574)
CVE-2021-21994	ESXi	Versions prior to 3.4.5.1	3.4.5.1	6.5 Update 3 Express Patch 24 (Build Number 18071574)
CVE-2021-21994	ESXi	Versions prior to 3.5.5.1	3.5.5.1	6.7 Update 3 Patch 05 (Build Number 17700523)
CVE-2021-21995	ESXi	Versions prior to 3.3.10.1	3.3.10.1	6.5 Update 3 Express Patch 24 (Build Number 18071574)
CVE-2021-21995	ESXi	Versions prior to 3.4.5.1	3.4.5.1	6.5 Update 3 Express Patch 24 (Build Number 18071574)
CVE-2021-21995	ESXi	Versions prior to 3.5.5.1	3.5.5.1	6.7 Update 3 Patch 05 (Build Number 17700523)
CVE-2021-22005	vCenter Server	Versions prior to 3.6.1.1	3.6.1.1	7.0 Update 2c (Build Number 18356314)
CVE-2021-21991	vCenter Server	Versions prior to 3.6.1.1	3.6.1.1	7.0 Update 2c (Build Number 18356314)
CVE-2021-21992	vCenter Server	Versions prior to 3.6.1.1	3.6.1.1	7.0 Update 2c (Build Number 18356314)
CVE-2021-21993	vCenter Server	Versions prior to 3.6.1.1	3.6.1.1	7.0 Update 2c (Build Number 18356314)
CVE-2021-22006	vCenter Server	Versions prior to 3.6.1.1	3.6.1.1	7.0 Update 2c (Build Number 18356314)
CVE-2021-22007	vCenter Server	Versions prior to 3.6.1.1	3.6.1.1	7.0 Update 2c (Build Number 18356314)
CVE-2021-22008	vCenter Server	Versions prior to 3.6.1.1	3.6.1.1	7.0 Update 2c (Build Number 18356314)
CVE-2021-22009	vCenter Server	Versions prior to 3.6.1.1	3.6.1.1	7.0 Update 2c (Build Number 18356314)
CVE-2021-22010	vCenter Server	Versions prior to 3.6.1.1	3.6.1.1	7.0 Update 2c (Build Number 18356314)
CVE-2021-22014	vCenter Server	Versions prior to 3.6.1.1	3.6.1.1	7.0 Update 2c (Build Number 18356314)
CVE-2021-22015	vCenter Server	Versions prior to 3.6.1.1	3.6.1.1	7.0 Update 2c (Build Number 18356314)
CVE-2021-22019	vCenter Server	Versions prior to 3.6.1.1	3.6.1.1	7.0 Update 2c (Build Number 18356314)
CVE-2021-22020	vCenter Server	Versions prior to 3.6.1.1	3.6.1.1	7.0 Update 2c (Build Number 18356314)
CVE-2020-12357	Dell Server	Versions prior to 3.3.10.1	3.3.10.1	Dell Server BIOS Firmware (13G) - 2.13.0
CVE-2020-12357	Dell Server	Versions prior to 3.4.5.1	3.4.5.1	Dell Server BIOS Firmware (13G) - 2.13.0
CVE-2020-12357	Dell Server	Versions prior to 3.5.5.1	3.5.5.1	Dell Server BIOS Firmware (13G) - 2.13.0
CVE-2020-12357	Dell Server	Versions prior to 3.6.1.1	3.6.1.1	Dell Server BIOS Firmware (13G) - 2.13.0
CVE-2020-12360	Dell Server	Versions prior to 3.3.10.1	3.3.10.1	Dell Server BIOS Firmware (13G) - 2.13.0
CVE-2020-12360	Dell Server	Versions prior to 3.4.5.1	3.4.5.1	Dell Server BIOS Firmware (13G) - 2.13.0
CVE-2020-12360	Dell Server	Versions prior to 3.5.5.1	3.5.5.1	Dell Server BIOS Firmware (13G) - 2.13.0
CVE-2020-12360	Dell Server	Versions prior to 3.6.1.1	3.6.1.1	Dell Server BIOS Firmware (13G) - 2.13.0
CVE-2021-21576	Dell Server	Versions prior to 3.3.10.1	3.3.10.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-21576	Dell Server	Versions prior to 3.4.5.1	3.4.5.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-21576	Dell Server	Versions prior to 3.5.5.1	3.5.5.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-21576	Dell Server	Versions prior to 3.6.1.1	3.6.1.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-21577	Dell Server	Versions prior to 3.3.10.1	3.3.10.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-21577	Dell Server	Versions prior to 3.4.5.1	3.4.5.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-21577	Dell Server	Versions prior to 3.5.5.1	3.5.5.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-21577	Dell Server	Versions prior to 3.6.1.1	3.6.1.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-21578	Dell Server	Versions prior to 3.3.10.1	3.3.10.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-21578	Dell Server	Versions prior to 3.4.5.1	3.4.5.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-21578	Dell Server	Versions prior to 3.5.5.1	3.5.5.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-21578	Dell Server	Versions prior to 3.6.1.1	3.6.1.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-21579	Dell Server	Versions prior to 3.3.10.1	3.3.10.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-21579	Dell Server	Versions prior to 3.4.5.1	3.4.5.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-21579	Dell Server	Versions prior to 3.5.5.1	3.5.5.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-21579	Dell Server	Versions prior to 3.6.1.1	3.6.1.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-21580	Dell Server	Versions prior to 3.3.10.1	3.3.10.1	Dell EMC iDRAC9 version 5.00.10.00 Dell EMC iDRAC8 version 5.00.10.00
CVE-2021-21580	Dell Server	Versions prior to 3.4.5.1	3.4.5.1	Dell EMC iDRAC9 version 5.00.10.00 Dell EMC iDRAC8 version 2.81.81.81
CVE-2021-21580	Dell Server	Versions prior to 3.5.5.1	3.5.5.1	Dell EMC iDRAC9 version 5.00.10.00 Dell EMC iDRAC8 version 2.81.81.81
CVE-2021-21580	Dell Server	Versions prior to 3.6.1.1	3.6.1.1	Dell EMC iDRAC9 version 5.00.10.00 Dell EMC iDRAC8 version 2.81.81.81
CVE-2021-21581	Dell Server	Versions prior to 3.3.10.1	3.3.10.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-21581	Dell Server	Versions prior to 3.4.5.1	3.4.5.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-21581	Dell Server	Versions prior to 3.5.5.1	3.5.5.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-21581	Dell Server	Versions prior to 3.6.1.1	3.6.1.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-36299	Dell Server	Versions prior to 3.3.10.1	3.3.10.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-36299	Dell Server	Versions prior to 3.4.5.1	3.4.5.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-36299	Dell Server	Versions prior to 3.5.5.1	3.5.5.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-36299	Dell Server	Versions prior to 3.6.1.1	3.6.1.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-20235	Dell Server	Versions prior to 3.3.10.1	3.3.10.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-20235	Dell Server	Versions prior to 3.4.5.1	3.4.5.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-20235	Dell Server	Versions prior to 3.5.5.1	3.5.5.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-20235	Dell Server	Versions prior to 3.6.1.1	3.6.1.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-36300	Dell Server	Versions prior to 3.3.10.1	3.3.10.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-36300	Dell Server	Versions prior to 3.4.5.1	3.4.5.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-36300	Dell Server	Versions prior to 3.5.5.1	3.5.5.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-36300	Dell Server	Versions prior to 3.6.1.1	3.6.1.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-36301	Dell Server	Versions prior to 3.3.10.1	3.3.10.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-36301	Dell Server	Versions prior to 3.4.5.1	3.4.5.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-36301	Dell Server	Versions prior to 3.5.5.1	3.5.5.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-36301	Dell Server	Versions prior to 3.6.1.1	3.6.1.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-1999-0519	PowerFlex Manager	Versions prior to 3.7.1	3.7.1	Build Number 3.7.1-7782
CVE-1999-0520	PowerFlex Manager	Versions prior to 3.7.0	3.7.1	Build Number 3.7.1-7782
CVE-1999-0517	PowerFlex Manager	Versions prior to 3.7.0	3.7.1	Build Number 3.7.1-7782

Links to update:
For RCM release information: https://cpsdocs.dellemc.com/rcm/#/home
For RCM download: https://vce.flexnetoperations.com

CVE(s) Addressed	Component	Affected Version(s)	Updated Version(s)	Fix package include in RCM
CVE-2021-21994	ESXi	Versions prior to 3.3.10.1	3.3.10.1	6.5 Update 3 Express Patch 24 (Build Number 18071574)
CVE-2021-21994	ESXi	Versions prior to 3.4.5.1	3.4.5.1	6.5 Update 3 Express Patch 24 (Build Number 18071574)
CVE-2021-21994	ESXi	Versions prior to 3.5.5.1	3.5.5.1	6.7 Update 3 Patch 05 (Build Number 17700523)
CVE-2021-21995	ESXi	Versions prior to 3.3.10.1	3.3.10.1	6.5 Update 3 Express Patch 24 (Build Number 18071574)
CVE-2021-21995	ESXi	Versions prior to 3.4.5.1	3.4.5.1	6.5 Update 3 Express Patch 24 (Build Number 18071574)
CVE-2021-21995	ESXi	Versions prior to 3.5.5.1	3.5.5.1	6.7 Update 3 Patch 05 (Build Number 17700523)
CVE-2021-22005	vCenter Server	Versions prior to 3.6.1.1	3.6.1.1	7.0 Update 2c (Build Number 18356314)
CVE-2021-21991	vCenter Server	Versions prior to 3.6.1.1	3.6.1.1	7.0 Update 2c (Build Number 18356314)
CVE-2021-21992	vCenter Server	Versions prior to 3.6.1.1	3.6.1.1	7.0 Update 2c (Build Number 18356314)
CVE-2021-21993	vCenter Server	Versions prior to 3.6.1.1	3.6.1.1	7.0 Update 2c (Build Number 18356314)
CVE-2021-22006	vCenter Server	Versions prior to 3.6.1.1	3.6.1.1	7.0 Update 2c (Build Number 18356314)
CVE-2021-22007	vCenter Server	Versions prior to 3.6.1.1	3.6.1.1	7.0 Update 2c (Build Number 18356314)
CVE-2021-22008	vCenter Server	Versions prior to 3.6.1.1	3.6.1.1	7.0 Update 2c (Build Number 18356314)
CVE-2021-22009	vCenter Server	Versions prior to 3.6.1.1	3.6.1.1	7.0 Update 2c (Build Number 18356314)
CVE-2021-22010	vCenter Server	Versions prior to 3.6.1.1	3.6.1.1	7.0 Update 2c (Build Number 18356314)
CVE-2021-22014	vCenter Server	Versions prior to 3.6.1.1	3.6.1.1	7.0 Update 2c (Build Number 18356314)
CVE-2021-22015	vCenter Server	Versions prior to 3.6.1.1	3.6.1.1	7.0 Update 2c (Build Number 18356314)
CVE-2021-22019	vCenter Server	Versions prior to 3.6.1.1	3.6.1.1	7.0 Update 2c (Build Number 18356314)
CVE-2021-22020	vCenter Server	Versions prior to 3.6.1.1	3.6.1.1	7.0 Update 2c (Build Number 18356314)
CVE-2020-12357	Dell Server	Versions prior to 3.3.10.1	3.3.10.1	Dell Server BIOS Firmware (13G) - 2.13.0
CVE-2020-12357	Dell Server	Versions prior to 3.4.5.1	3.4.5.1	Dell Server BIOS Firmware (13G) - 2.13.0
CVE-2020-12357	Dell Server	Versions prior to 3.5.5.1	3.5.5.1	Dell Server BIOS Firmware (13G) - 2.13.0
CVE-2020-12357	Dell Server	Versions prior to 3.6.1.1	3.6.1.1	Dell Server BIOS Firmware (13G) - 2.13.0
CVE-2020-12360	Dell Server	Versions prior to 3.3.10.1	3.3.10.1	Dell Server BIOS Firmware (13G) - 2.13.0
CVE-2020-12360	Dell Server	Versions prior to 3.4.5.1	3.4.5.1	Dell Server BIOS Firmware (13G) - 2.13.0
CVE-2020-12360	Dell Server	Versions prior to 3.5.5.1	3.5.5.1	Dell Server BIOS Firmware (13G) - 2.13.0
CVE-2020-12360	Dell Server	Versions prior to 3.6.1.1	3.6.1.1	Dell Server BIOS Firmware (13G) - 2.13.0
CVE-2021-21576	Dell Server	Versions prior to 3.3.10.1	3.3.10.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-21576	Dell Server	Versions prior to 3.4.5.1	3.4.5.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-21576	Dell Server	Versions prior to 3.5.5.1	3.5.5.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-21576	Dell Server	Versions prior to 3.6.1.1	3.6.1.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-21577	Dell Server	Versions prior to 3.3.10.1	3.3.10.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-21577	Dell Server	Versions prior to 3.4.5.1	3.4.5.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-21577	Dell Server	Versions prior to 3.5.5.1	3.5.5.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-21577	Dell Server	Versions prior to 3.6.1.1	3.6.1.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-21578	Dell Server	Versions prior to 3.3.10.1	3.3.10.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-21578	Dell Server	Versions prior to 3.4.5.1	3.4.5.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-21578	Dell Server	Versions prior to 3.5.5.1	3.5.5.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-21578	Dell Server	Versions prior to 3.6.1.1	3.6.1.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-21579	Dell Server	Versions prior to 3.3.10.1	3.3.10.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-21579	Dell Server	Versions prior to 3.4.5.1	3.4.5.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-21579	Dell Server	Versions prior to 3.5.5.1	3.5.5.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-21579	Dell Server	Versions prior to 3.6.1.1	3.6.1.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-21580	Dell Server	Versions prior to 3.3.10.1	3.3.10.1	Dell EMC iDRAC9 version 5.00.10.00 Dell EMC iDRAC8 version 5.00.10.00
CVE-2021-21580	Dell Server	Versions prior to 3.4.5.1	3.4.5.1	Dell EMC iDRAC9 version 5.00.10.00 Dell EMC iDRAC8 version 2.81.81.81
CVE-2021-21580	Dell Server	Versions prior to 3.5.5.1	3.5.5.1	Dell EMC iDRAC9 version 5.00.10.00 Dell EMC iDRAC8 version 2.81.81.81
CVE-2021-21580	Dell Server	Versions prior to 3.6.1.1	3.6.1.1	Dell EMC iDRAC9 version 5.00.10.00 Dell EMC iDRAC8 version 2.81.81.81
CVE-2021-21581	Dell Server	Versions prior to 3.3.10.1	3.3.10.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-21581	Dell Server	Versions prior to 3.4.5.1	3.4.5.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-21581	Dell Server	Versions prior to 3.5.5.1	3.5.5.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-21581	Dell Server	Versions prior to 3.6.1.1	3.6.1.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-36299	Dell Server	Versions prior to 3.3.10.1	3.3.10.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-36299	Dell Server	Versions prior to 3.4.5.1	3.4.5.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-36299	Dell Server	Versions prior to 3.5.5.1	3.5.5.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-36299	Dell Server	Versions prior to 3.6.1.1	3.6.1.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-20235	Dell Server	Versions prior to 3.3.10.1	3.3.10.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-20235	Dell Server	Versions prior to 3.4.5.1	3.4.5.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-20235	Dell Server	Versions prior to 3.5.5.1	3.5.5.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-20235	Dell Server	Versions prior to 3.6.1.1	3.6.1.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-36300	Dell Server	Versions prior to 3.3.10.1	3.3.10.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-36300	Dell Server	Versions prior to 3.4.5.1	3.4.5.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-36300	Dell Server	Versions prior to 3.5.5.1	3.5.5.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-36300	Dell Server	Versions prior to 3.6.1.1	3.6.1.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-36301	Dell Server	Versions prior to 3.3.10.1	3.3.10.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-36301	Dell Server	Versions prior to 3.4.5.1	3.4.5.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-36301	Dell Server	Versions prior to 3.5.5.1	3.5.5.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-2021-36301	Dell Server	Versions prior to 3.6.1.1	3.6.1.1	Dell EMC iDRAC9 version 5.00.10.00
CVE-1999-0519	PowerFlex Manager	Versions prior to 3.7.1	3.7.1	Build Number 3.7.1-7782
CVE-1999-0520	PowerFlex Manager	Versions prior to 3.7.0	3.7.1	Build Number 3.7.1-7782
CVE-1999-0517	PowerFlex Manager	Versions prior to 3.7.0	3.7.1	Build Number 3.7.1-7782

Links to update:
For RCM release information: https://cpsdocs.dellemc.com/rcm/#/home
For RCM download: https://vce.flexnetoperations.com

Workarounds & Mitigations

For CVE-2021-22005 under VMSA-2021-0020 (https://www.vmware.com/security/advisories/VMSA-2021-0020.html), refer to the following link for workarounds: https://kb.vmware.com/s/article/85717.

Revision History

Revision	Date	Description
1.0	2021-09-25	Initial Release
2.0	2021-09-30	Added VMware Security Advisory link, Workaround notes for vSphere 6.5 and 6.7, and Component CVSS Base Scores to Details section. Added Workaround links to Workarounds and Mitigations section.

Related Information

Legal Disclaimer

Affected Products

PowerFlex rack, Product Security Information, PowerFlex Software

Article Number: 000191881

Article Type: Dell Security Advisory

Last Modified: 30 Sep 2021

Check if your device is covered by Support Services.

Article Number: 000191881

Article Type: Dell Security Advisory

Last Modified: 30 Sep 2021

Check if your device is covered by Support Services.

DSA-2021-198: Dell EMC PowerFlex rack Security Update for Multiple Third-Party Component Vulnerabilities

Summary: Dell EMC PowerFlex rack remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system.

Impact

Details

Affected Products & Remediation

Workarounds & Mitigations

Revision History

Related Information

Legal Disclaimer

Affected Products

Article Properties

Find answers to your questions from other Dell users

Support Services

Article Properties

Find answers to your questions from other Dell users

Support Services

Welcome

Welcome to Dell

DSA-2021-198: Dell EMC PowerFlex rack Security Update for Multiple Third-Party Component Vulnerabilities

Summary: Dell EMC PowerFlex rack remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system.

Detailed Article

Impact

Details

Affected Products & Remediation

Workarounds & Mitigations

Revision History

Related Info

Legal Disclaimer

Affected Products

Impact

Details

Affected Products & Remediation

Workarounds & Mitigations

Revision History

Related Information

Legal Disclaimer

Affected Products

Article Properties

Find answers to your questions from other Dell users

Support Services

Article Properties

Find answers to your questions from other Dell users

Support Services