Dell EMC published today a critical security advisory for the Data Protection Central product: DSA-2020-173.
The advisory outlines several components of Dell EMC Data Protection Central that require a security update to address dozens of vulnerabilities. The reported vulnerabilities may lead to denial of service, privilege escalation, buffer overflow and other forms of attack.
The versions affected are:
- Dell EMC Data Protection Central versions 1.0.0, 1.0.1, 18.1, 18.2, 19.1, 19.2, and 19.3
- Dell EMC Integrated Data Protection Appliance (IDPA) System Manager version 18.1, 18.2, and 19.2
Dell EMC recommends that you upgrade to a non-vulnerable version at the earliest opportunity.
About Data Protection Central
Data Protection Central is a management console for Avamar, NetWorker, Data Domain, PowerProtect Data Manager, Data Protection Search, and Data Protection Advisor. If your organization is using one or more of the above-mentioned products, check whether Data Protection Central has also been deployed and whether the version currently used is vulnerable or not.
For additional information, refer to the source Dell EMC publication – https://www.dell.com/support/security/en-us/details/545133/DSA-2020-173-Dell-EMC-Data-Protection-Central-Security-Update-for-Multiple-Third-Party-Component