Place orders quickly and easily
View orders and track your shipping status
Enjoy members-only rewards and discounts
Create and access a list of your products
Sign In
Create an Account
Dell Financial Services
Premier Sign In
Partner Program Sign In
Summary:
Dell EMC Unity, Dell EMC UnityVSA and Dell EMC Unity XT remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the
affected system.
View More
View Less
CVE-2021-43589
Dell EMC Unity, Dell EMC UnityVSA and Dell EMC Unity XT versions prior to 5.1.2.0.5.007 contain an operating system (OS) command injection Vulnerability. A locally authenticated user with high privileges may potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the Unity underlying OS, with the privileges of the vulnerable application. Exploitation may lead to an elevation of privilege.
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
CVE-2021-43589
Dell EMC Unity, Dell EMC UnityVSA and Dell EMC Unity XT versions prior to 5.1.2.0.5.007 contain an operating system (OS) command injection Vulnerability. A locally authenticated user with high privileges may potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the Unity underlying OS, with the privileges of the vulnerable application. Exploitation may lead to an elevation of privilege.
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.
CVEs Addressed
Products
Affected Versions
Updated Versions
Link to Update
All of the above
Dell EMC Unity Operating Environment (OE)
Before 5.1.2.0.5.007
5.1.2.0.5.007
https://www.dell.com/support/home/en-us/product-support/product/unity-all-flash-family/drivers
Dell EMC UnityVSA Operating Environment (OE)
Before 5.1.2.0.5.007
5.1.2.0.5.007
Dell EMC Unity XT Operating Environment (OE)
Before 5.1.2.0.5.007
5.1.2.0.5.007
Before 5.1.2.0.5.007
5.1.2.0.5.007
https://www.dell.com/support/home/en-us/product-support/product/unity-all-flash-family/drivers
Dell EMC UnityVSA Operating Environment (OE)
Before 5.1.2.0.5.007
5.1.2.0.5.007
Dell EMC Unity XT Operating Environment (OE)
Before 5.1.2.0.5.007
5.1.2.0.5.007
Workarounds & Mitigations
None.
Revision History
|
Revision
|
Date
|
More Information
|
|
1.0
|
2021-12-29
|
Initial Release
|
|
1.1
|
2022-01-05
|
Minor update to CVE Identifier field.
|
Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide
Dell EMC Unity, Product Security Information, Dell Unity 300, Dell EMC Unity 300F, Dell EMC Unity 350F, Dell EMC Unity XT 380, Dell EMC Unity XT 380F, Dell EMC Unity 400, Dell EMC Unity 400F, Dell EMC Unity 450F, Dell EMC Unity XT 480
, Dell EMC Unity XT 480F, Dell EMC Unity 500, Dell EMC Unity 500F, Dell EMC Unity 550F, Dell EMC Unity 600, Dell EMC Unity 600F, Dell EMC Unity 650F, Dell EMC Unity XT 680, Dell EMC Unity XT 680F, Dell EMC Unity XT 880, Dell EMC Unity XT 880F, Dell EMC Unity Family, Dell EMC UnityVSA Professional Edition/Unity Cloud Edition
View More
about warranties
View Less
about warranties
