IDPA: vCenter Security Vulnerability Impact on Dell EMC Integrated Data Protection Appliance.
Print
Created by: Srinath Ramachandran
Modified on: Tue, 28 Apr, 2020 at 10:21 PM
VMware Security Advisory VMSA-2020-0006.1 and VMware CVE-2020-3952 affecting Dell EMC IDPA
Summary: This KB article walks you through the impact of VMware Security Advisory VMSA-2020-0006.1 which includes fix for CVE-2020-3952. The KB article also walks you through the fixes and procedures for the same.
| Issue | VMware Security Advisories which impact the Dell EMC IDPA :| Advisory ID | VMSA-2020-0006.1 | | Advisory Severity | Critical | | CVSSv3 Range | 10.0 | | Synopsis | VMware vCenter Server updates address sensitive information disclosure vulnerability in the VMware Directory Service (vmdir) (CVE-2020-3952) | | Issue Date | 2020-04-09 | | Updated On | 2020-04-16 | | CVE(s) | CVE-2020-3952 |
IDPA vCenter Server version '6.7.0-15132721 ' which comes bundled with IDPA 2.5 is affected by this vulnerability.
If customer is on IDPA version 2.5, they should upgrade the IDPA Internal vCenter Server to version 6.7.0-15976714 (which includes fix for security vulnerability CVE-2020-3952 ). |
| Resolution | 1: Upgrade the Dell EMC Integrated Data Protection Appliance to version 2.5 respectively.
2: In Order to Fix the security vulnerability for VMware Advisory VMSA-2020-0006.1 and CVE-2020-3952, Contact IDPA Support and refer this article.
Notes:- vCenter Patch Upgrade to version 6.7.0-15976714 fixes this issue on IDPA version 2.5.
- IDPA Support must be engaged to address this issue.
- IDPA must already be on version 2.5 (mandatory) prior to running the update.
- This vulnerability will be fixed in IDPA version 2.6.
|
Srinath is the author of this solution article.
Did you find it helpful?
Yes
No
Send feedback Sorry we couldn't be helpful. Help us improve this article with your feedback.
