Artikelnummer: 000208448
DSA-2023-063: Dell Data Protection Search Security Update for Multiple Vulnerabilities
Samenvatting: Dell Data Protection Search remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system.
Article content
Impact
Critical
Gegevens
| Third-party Component | CVEs | More information |
| Oracle JRE | CVE-2022-32215 CVE-2022-21634 CVE-2022-21597 CVE-2022-21628 CVE-2022-21626 CVE-2022-21618 CVE-2022-39399 CVE-2022-21624 CVE-2022-21619 |
https://www.oracle.com/security-alerts/cpuoct2022.html  |
| Nginx | CVE-2022-41742 | http://nginx.org/en/security_advisories.html |
| Apache Log4j | CVE-2021-44228 CVE-2021-45046 CVE-2021-45105 CVE-2021-44832 |
Apache Log4j Remote Code Execution |
| Samba | CVE-2022-32746 CVE-2022-32745 CVE-2022-1615 |
https://www.suse.com/security/cve/CVE-2022-32746.html |
| Kernel | CVE-2022-33981 | https://www.suse.com/security/cve/CVE-2022-33981.html |
| Python | CVE-2021-28861 | https://www.suse.com/security/cve/CVE-2021-28861.html |
| OpenSSL | CVE-2022-1292 CVE-2022-2068 |
https://www.suse.com/security/cve/CVE-2022-1292.html https://www.suse.com/security/cve/CVE-2022-2068.html |
| Third-party Component | CVEs | More information |
| Oracle JRE | CVE-2022-32215 CVE-2022-21634 CVE-2022-21597 CVE-2022-21628 CVE-2022-21626 CVE-2022-21618 CVE-2022-39399 CVE-2022-21624 CVE-2022-21619 |
https://www.oracle.com/security-alerts/cpuoct2022.html |
| Nginx | CVE-2022-41742 | http://nginx.org/en/security_advisories.html |
| Apache Log4j | CVE-2021-44228 CVE-2021-45046 CVE-2021-45105 CVE-2021-44832 |
Apache Log4j Remote Code Execution |
| Samba | CVE-2022-32746 CVE-2022-32745 CVE-2022-1615 |
https://www.suse.com/security/cve/CVE-2022-32746.html |
| Kernel | CVE-2022-33981 | https://www.suse.com/security/cve/CVE-2022-33981.html |
| Python | CVE-2021-28861 | https://www.suse.com/security/cve/CVE-2021-28861.html |
| OpenSSL | CVE-2022-1292 CVE-2022-2068 |
https://www.suse.com/security/cve/CVE-2022-1292.html https://www.suse.com/security/cve/CVE-2022-2068.html |
Getroffen producten en herstel
| Product | Affected Versions | Updated Versions | Link to Update |
| Dell Data Protection Search | 19.3.0 19.4.0 19.5.0 19.5.1 19.6.0 19.6.1 |
19.6.2 | https://dl.dell.com/downloads/X48KP_Search-19.6.2-upgrade-package.zip |
| Dell Integrated Data Protection Appliance | 2.7.3 2.7.2 2.7.1 2.7.0 2.6.x 2.5.x |
2.7.2 or 2.7.3 with DPSearch 19.6.2 patch | https://dl.dell.com/downloads/X48KP_Search-19.6.2-upgrade-package.zip Dell KB article 206371: PowerProtect Data Protection Appliance - IDPA: Procedure To Independently Upgrade Search Component. |
Note: For IDPA customers, the appliance must be at version 2.7.2 or 2.7.3 in order to apply aforementioned DPSearch patch.
| Product | Affected Versions | Updated Versions | Link to Update |
| Dell Data Protection Search | 19.3.0 19.4.0 19.5.0 19.5.1 19.6.0 19.6.1 |
19.6.2 | https://dl.dell.com/downloads/X48KP_Search-19.6.2-upgrade-package.zip |
| Dell Integrated Data Protection Appliance | 2.7.3 2.7.2 2.7.1 2.7.0 2.6.x 2.5.x |
2.7.2 or 2.7.3 with DPSearch 19.6.2 patch | https://dl.dell.com/downloads/X48KP_Search-19.6.2-upgrade-package.zip Dell KB article 206371: PowerProtect Data Protection Appliance - IDPA: Procedure To Independently Upgrade Search Component. |
Note: For IDPA customers, the appliance must be at version 2.7.2 or 2.7.3 in order to apply aforementioned DPSearch patch.
Revisiegeschiedenis
| Revision | Date | Description |
| 1.0 | 2023-02-08 | Initial Release |
| 1.1 | 2023-03-24 | Reformatted for improved presentation without any changes to content. |
Verwante informatie
Juridische informatie
Artikeleigenschappen
Getroffen product
Data Protection Search, Data Protection Search, Integrated Data Protection Appliance Family, Integrated Data Protection Appliance Software, Product Security Information
Datum laatst gepubliceerd
24 mrt. 2023
Versie
2
Artikeltype
Dell Security Advisory