RSA Authentication Manager Availability of Firmware Updates to Address iDRAC Vulnerabilities 

Document created by RSA Product Team Employee on May 7, 2018Last modified by RSA Product Team Employee on May 7, 2018
Version 2Show Document
  • View in full screen mode

Summary:

Dell EMC has identified vulnerabilities in the iDRAC management platform on Dell PowerEdge servers, including two which are used as platforms for the RSA Authentication Manager hardware appliance. The following Dell EMC advisory discusses this issue:

 

Vulnerability Details for iDRAC7/iDRAC8/iDRAC9 - Advisory

Dell EMC Whitepaper:

http://en.community.dell.com/techcenter/extras/m/white_papers/20485410

 

Affected Products:

  • RSA SecurID Hardware Appliance Model 130 based on the Dell PowerEdge R230
  • RSA SecurID Hardware Appliance Model 250 based on the Dell PowerEdge R630

 

RSA recommends that customers using the Dell PowerEdge R230 and Dell PowerEdge R630 hardware platform apply the firmware patch for iDRAC8. To determine your hardware platform, see the following Knowledgebase article: 

000036316 - How to determine the RSA Authentication Manager 8.x hardware platform 

 

iDRAC with Lifecycle Controller 2.52.52.52

 

Patch Info:

The following web page includes installation instructions and other information:

http://www.dell.com/support/home/us/en/04/Drivers/DriversDetails?driverId=1YCHC

 

Patch Download:

Download the Windows self-extracting executable version of the patch:

https://downloads.dell.com/FOLDER04830649M/1/iDRAC8_2.52.52.52_A00.exe

 

The download contains a text document with installation instructions and the firmimg.d7 file.  Please read and follow all of the documented instructions and precautions. The update is installed by opening the iDRAC and passing the firming.d7 file as input to the iDRAC's "Update and Rollback" page.

 

For RSA Authentication Manager documentation, downloads, and more, visit the RSA SecurID Access page on RSA Link.

 

EOPS Policy:

RSA has a defined End of Primary Support policy associated with all major versions. Please refer to the Product Version Life Cycle for additional details.

Attachments

    Outcomes