Release Notes

Important Notes

Topics:

• Security

• Ethernet Switch firmware update

• Upgrading or downgrading OME-Modular

Security

OpenVAS vulnerability scanner may report the following issues:

● NVT: OpenSSH 'sftp-server' Security Bypass Vulnerability (Linux) (OID: 1.3.6.1.4.1.25623.1.0.812051). This is a false positive

based on the OpenSSH version that OME–Modular carries. No SFTP is exposed or supported.

● NVT: SSH Weak Encryption Algorithms Supported (OID: 1.3.6.1.4.1.25623.1.0.105611). OME–Modular supports secure

algorithms and upgrades SSH clients to the appropriate option. Configure your SSH client to autonegotiate the crypto

algorithms used.

Security best practices

● SNMP

○ Security scanners may identify SNMP. If you do not use SNMP in your deployment, you can disable SNMP.

○ If SNMP is required, Dell EMC recommends that the default community name is changed from public.

● By default, a self-signed certificate is generated to enable HTTPS communication. Dell EMC recommends generating a CSR

and installing a valid non-self signed certificate.

Besides improving the security of OME-Modular, these actions eliminate warnings that are produced by vulnerability scanners

relating to the default self-signed web server certificate and default SNMP community name.

NOTE: Dell EMC recommends changing the default password for OME–Modular.

Ethernet Switch firmware update

For instructions about updating network IOMs, see the Dell EMC OpenManage Enterprise - Modular Edition Version 1.20.10 for

PowerEdge MX Chassis User's Guide.

NOTE:

You can update up to six IOMs simultaneously. However, the OME-Modular web interface displays a

recommendation message to update only four IOMs simultaneously to ensure network stability.

Upgrading or downgrading OME-Modular

Clear the browser cache before or after upgrading or downgrading OME-Modular.

8 Important Notes