DSA-2023-164: Dell Secure Connect Gateway Security Update for Multiple Vulnerabilities

Oversigt: Dell Secure Connect Gateway contains remediation for multiple vulnerabilities that could be exploited by malicious users to compromise the affected system.

Denne artikel gælder for Denne artikel gælder ikke for Denne artikel er ikke knyttet til et bestemt produkt. Det er ikke alle produktversioner, der er identificeret i denne artikel.
Udforsk andre ressourcer

Virkning

Critical

Oplysninger

Third-party Component CVEs More information
Apache CVE-2021-37533, CVE-2022-40146, CVE-2023-25690, CVE-2023-27522, CVE-2022-42252, CVE-2023-24998, CVE-2023-28708 https://nvd.nist.gov/vuln/detail/CVE-2021-37533This hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2022-40146.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2023-25690.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2023-27522.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2022-42252.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2023-24998.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://nvd.nist.gov/vuln/detail/CVE-2023-28708This hyperlink is taking you to a website outside of Dell Technologies.
WoodStox CVE-2022-40152 https://www.suse.com/security/cve/CVE-2022-40152.htmlThis hyperlink is taking you to a website outside of Dell Technologies.
Json CVE-2023-1370, CVE-2022-45688 https://nvd.nist.gov/vuln/detail/CVE-2023-1370This hyperlink is taking you to a website outside of Dell Technologies., https://nvd.nist.gov/vuln/detail/CVE-2022-45688This hyperlink is taking you to a website outside of Dell Technologies.
Curl CVE-2023-27533, CVE-2023-27534, CVE-2023-27535, CVE-2023-27536, CVE-2023-27538 https://www.suse.com/security/cve/CVE-2023-27533.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2023-27534.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2023-27535.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2023-27536.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2023-27538.htmlThis hyperlink is taking you to a website outside of Dell Technologies.
Java CVE-2022-21619, CVE-2022-21624, CVE-2022-21626, CVE-2022-21628 https://www.suse.com/security/cve/CVE-2022-21619.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2022-21624.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2022-21626.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2022-21628.htmlThis hyperlink is taking you to a website outside of Dell Technologies.
Jettison CVE-2022-40149, CVE-2022-40150, CVE-2022-45685, CVE-2022-45693, CVE-2023-1436 https://www.suse.com/security/cve/CVE-2022-40149.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2022-40150.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2022-45685.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2022-45693.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2023-1436.htmlThis hyperlink is taking you to a website outside of Dell Technologies.
Kernel CVE-2017-5754, CVE-2021-4203, CVE-2022-2991, CVE-2022-4129, CVE-2022-4662, CVE-2022-36280, CVE-2022-38096, CVE-2022-47929, CVE-2023-0045, CVE-2023-0266, CVE-2023-0590, CVE-2023-0597, CVE-2023-1118, CVE-2023-23559, CVE-2023-26545 https://www.suse.com/security/cve/CVE-2017-5754.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2021-4203.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2022-2991.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2022-4129.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2022-4662.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2022-36280.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2022-38096.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2022-47929.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2023-0045.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2023-0266.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2023-0590.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2023-0597.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2023-1118.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2023-23559.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2023-26545.htmlThis hyperlink is taking you to a website outside of Dell Technologies.
libbind9-161 CVE-2022-2795, CVE-2022-38177, CVE-2022-38178 https://www.suse.com/security/cve/CVE-2022-2795.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2022-38177.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2022-38178.htmlThis hyperlink is taking you to a website outside of Dell Technologies.
Openssl CVE-2022-4450, CVE-2023-0215, CVE-2023-0464, CVE-2023-0465, CVE-2023-0466 https://www.suse.com/security/cve/CVE-2022-4450.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2023-0215.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2023-0464.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2023-0465.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2023-0466.htmlThis hyperlink is taking you to a website outside of Dell Technologies.
Python CVE-2022-45061, CVE-2023-24329 https://www.suse.com/security/cve/CVE-2022-45061.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2023-24329.htmlThis hyperlink is taking you to a website outside of Dell Technologies.
Springframework CVE-2022-22950, CVE-2022-22970, CVE-2022-22971, CVE-2023-20861, CVE-2023-20863, CVE-2023-20873 https://nvd.nist.gov/vuln/detail/CVE-2022-22950This hyperlink is taking you to a website outside of Dell Technologies., https://nvd.nist.gov/vuln/detail/CVE-2022-22970This hyperlink is taking you to a website outside of Dell Technologies., https://nvd.nist.gov/vuln/detail/CVE-2022-22971This hyperlink is taking you to a website outside of Dell Technologies., https://nvd.nist.gov/vuln/detail/CVE-2023-20861This hyperlink is taking you to a website outside of Dell Technologies., https://nvd.nist.gov/vuln/detail/CVE-2023-20863This hyperlink is taking you to a website outside of Dell Technologies., https://nvd.nist.gov/vuln/detail/CVE-2023-20873This hyperlink is taking you to a website outside of Dell Technologies.
TAR CVE-2022-48303 https://www.suse.com/security/cve/CVE-2022-48303.htmlThis hyperlink is taking you to a website outside of Dell Technologies.
libapr-util1 CVE-2022-25147 https://www.suse.com/security/cve/CVE-2022-25147.htmlThis hyperlink is taking you to a website outside of Dell Technologies.
libpcre2-8-0 CVE-2022-1587 https://www.suse.com/security/cve/CVE-2022-1587.htmlThis hyperlink is taking you to a website outside of Dell Technologies.
libX11 CVE-2022-3555 https://www.suse.com/security/cve/CVE-2022-3555.htmlThis hyperlink is taking you to a website outside of Dell Technologies.
libxslt1 CVE-2021-30560 https://www.suse.com/security/cve/CVE-2021-30560.htmlThis hyperlink is taking you to a website outside of Dell Technologies.
TCL suse-su-20223653-1 https://www.suse.com/pt-br/support/update/announcement/2022/suse-su-20223653-1/This hyperlink is taking you to a website outside of Dell Technologies.

Proprietary Code CVE Description CVSS Base Score CVSS Vector String
CVE-2023-28043 Dell SCG 5.14 contains an information disclosure vulnerability during the SRS to SCG upgrade path. A remote low privileged malicious user could potentially exploit this vulnerability to retrieve the plain text. 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N  This hyperlink is taking you to a website outside of Dell Technologies.
Proprietary Code CVE Description CVSS Base Score CVSS Vector String
CVE-2023-28043 Dell SCG 5.14 contains an information disclosure vulnerability during the SRS to SCG upgrade path. A remote low privileged malicious user could potentially exploit this vulnerability to retrieve the plain text. 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N  This hyperlink is taking you to a website outside of Dell Technologies.
Dell Technologies anbefaler, at alle kunder tager hensyn til både CVSS-basisresultatet og alle relevante tidsmæssige og miljømæssige resultater, som kan have betydning for den potentielle alvorsgrad, der er forbundet med en bestemt sikkerhedsrisiko.

Berørte produkter og udbedring

Product Affected Versions Remediated Versions Link
Dell Secure Connect Gateway Version 5.14.00.16 Version 5.16 https://www.dell.com/support/home/product-support/product/secure-connect-gateway-ve/drivers
 
Product Affected Versions Remediated Versions Link
Dell Secure Connect Gateway Version 5.14.00.16 Version 5.16 https://www.dell.com/support/home/product-support/product/secure-connect-gateway-ve/drivers
 

Revisionshistorik

RevisionDateDescription
1.02023-05-31Initial Release
2.02023-06-19Updated Proprietary code CVE score and CVSS Vector String
3.02023-09-01Updated for enhanced presentation with no changes to content. Added external link icons.

Relaterede oplysninger

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Ansvarsfraskrivelse

Berørte produkter

Secure Connect Gateway, Secure Connect Gateway - Virtual Edition
Artikelegenskaber
Artikelnummer: 000214205
Artikeltype: Dell Security Advisory
Senest ændret: 19 sep. 2025
Find svar på dine spørgsmål fra andre Dell-brugere
Supportservices
Kontrollér, om din enhed er dækket af supportservices.