000026992 - How to upgrade the firmware on Dell iDRAC7 through the command line interface on RSA Security Analytics appliances

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 4Show Document
  • View in full screen mode

Article Content

Article Number000026992
Applies ToRSA Security Analytics
RSA Security Analytics Series 4s Appliance
RSA NetWitness NextGen
Dell PowerEdge R620
iDRAC7
iDRAC
ESA-2014-039: RSA Appliance Security Update for Dell iDRAC7
CVE-2013-3589
CVE-2013-4783
IssueHow to upgrade the firmware on Dell iDRAC7 through the command line interface on RSA Security Analytics appliances.
Resolution

To fix several vulnerabilities in the iDRAC firmware, follow these instructions to download and upgrade the firmware in a Dell iDRAC7.


This solution requires that the iDRAC7 be configured and enabled and accessible via the console or through an ssh session.  For this operation, the console is preferable.  If an ssh session is interrupted during the upgrade it could render the iDRAC unusable. 


If the iDRAC7 is not configured and not connected to a network there is no reason to upgrade the firmware. 


Link to the latest Dell iDRAC7 1.57.57 firmware: http://www.dell.com/support/home/us/en/04/Drivers/DriversDetails?driverId=XH6FX


Download the following files: 
1. iDRAC7__1.57.57__A00.exe
2. iDRAC7_1 57 57_A_ReleaseNotes.pdf or iDRAC7_1 57 57_A_ReleaseNotes.txt
3. ESM_Firmware_XH6FX_LN_1.57.57_A00.BIN


The first file contains the firmware image (firmimg.d7) used to upgrade via the web interface. 


The second file contains the release notes and other useful information on installation. 


The third file is the BIN file required to upgrade from the command line interface as explained in the detailed steps below.


The installation instructions are as follows:


From a workstation, remotely update the firmware using the iDRAC7 Web interface:
1. Extract the ESM_Firmware_XH6FX_LN_1.57.57_A00.BIN file and copy to the target appliance.  This solution assumes you have copied the file to /tmp.
2. Logon to the appliance via the console or through an ssh session with root permissions.
3. Change into the /tmp folder and change the file to executable mode:
     cd /tmp
     chmod +x ESM_Firmware_XH6FX_LN_1.57.57_A00.BIN
4. Execute the BIN file to upgrade the firmware.
     ./ESM_Firmware_XH6FX_LN_1.57.57_A00.BIN
5. Read the license information and all prompts carefully and respond to each prompt with the default response. Make sure you are applying the firmware version you intend to apply.  You may cancel the installation with Ctrl+C before responding to the final prompt.
6. Wait for the upload to complete. This should take between 6 and 8 minutes.  There is a simple progress indicator displayed on screen during the update process and confirmation when completed.
7. When the update completes, the iDRAC will reset (or reboot) but this will not be obvious through the console or ssh session.  Logout of the console or ssh session.  No further action is required. 


Only the iDRAC will reboot at the end of the process.  The appliance operating system will not reboot. 

Notes

noetpad


For instructions on upgrading the Dell iDRAC firmware via the web interface, refer to the knowledgebase article How to upgrade firmware on Dell iDRAC7 through the web interface on RSA Security Analytics appliances.

Legacy Article IDa66564

Attachments

    Outcomes