DSA-2024-424: Security Update for Dell PowerProtect DD Vulnerability

Zusammenfassung: Dell PowerProtect DD remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

Dieser Artikel gilt für Dieser Artikel gilt nicht für Dieser Artikel ist nicht an ein bestimmtes Produkt gebunden. In diesem Artikel werden nicht alle Produktversionen aufgeführt.
Andere Ressourcen ansehen

Auswirkungen

Critical

Weitere Angaben

Version 7.7.5.50, 7.10.1.40, 7.13.1.10, 8.1.0.10 are not compatible with Avamar solutions. Please see below for more details. CVEs of Critical impact is CVE-2022-1996, CVE-2022-32207, CVE-2022-32221, CVE-2023-38545, CVE-2023-23914, CVE-2024-23652, CVE-2024-23653, CVE-2019-14889, CVE-2022-29361

Details

Third-Party Component CVEs More information

Apache Tomcat

CVE-2024-24549, CVE-2024-23672

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

Avahi

CVE-2023-38472, CVE-2023-38471, CVE-2023-38469

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

containerd

CVE-2022-1996, CVE-2020-8694, CVE-2020-8695, CVE-2020-12912

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

cpio

CVE-2023-7207

See NVD link below for individual scores for CVE. https://nvd.nist.gov/

cryptography

CVE-2023-49083, CVE-2023-50782, CVE-2024-26130

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

curl

CVE-2023-46219, CVE-2022-32207, CVE-2022-32221, CVE-2023-38545, CVE-2023-23914, CVE-2023-27534, CVE-2023-27533, CVE-2022-42915, CVE-2022-22576, CVE-2023-28319, CVE-2022-27775, CVE-2022-27782, CVE-2022-42916, CVE-2022-43551, CVE-2022-27781, CVE-2022-32206, CVE-2023-23915, CVE-2022-27776, CVE-2023-23916, CVE-2022-43552, CVE-2022-32208, CVE-2023-27535, CVE-2023-27536, CVE-2023-28321, CVE-2023-28320, CVE-2022-27774, CVE-2023-27538, CVE-2022-32205, CVE-2023-28322, CVE-2022-35252, CVE-2023-38546

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

Buildkit

CVE-2024-23651, CVE-2024-23652, CVE-2024-23653

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

fontTools

CVE-2023-45139

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

GNU Binutils

CVE-2017-16829, CVE-2018-7208, CVE-2022-48064

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

Artifex Ghostscript

CVE-2023-46751

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

GNOME GLib

CVE-2021-27219

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

jackson-databind

CVE-2023-35116

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

Jasper

CVE-2023-51257

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

LibTIFF

CVE-2022-1210, CVE-2022-1622, CVE-2022-40090, CVE-2023-1916, CVE-2023-2731, CVE-2023-26965

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

Jinja

CVE-2024-22195

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

Kernel

CVE-2023-0461, CVE-2023-5717, CVE-2023-31083, CVE-2023-39197, CVE-2023-39198, CVE-2023-45863, CVE-2023-45871, CVE-2023-20592

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

less

CVE-2022-48624

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

util-linux

CVE-2024-28085

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

Expat

CVE-2023-52426, CVE-2022-25313, CVE-2024-28757, CVE-2023-52425

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

NCurse

CVE-2023-50495

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

nghttp2

CVE-2024-28182

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

OpenSSL

CVE-2023-5678, CVE-2024-0727

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

PostgreSQL

CVE-2024-0985

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

Python

CVE-2023-6597, CVE-2024-0450, CVE-2023-52425, CVE-2023-27043, CVE-2023-40217

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

libsqlite

CVE-2023-2137

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

libssh

CVE-2019-14889, CVE-2020-1730, CVE-2020-16135, CVE-2021-3634, CVE-2023-1667, CVE-2023-2283, CVE-2023-6004, CVE-2023-6918, CVE-2023-48795

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

 

libxml

CVE-2023-45322, CVE-2024-25062

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

Sqlalchemy mako

CVE-2022-40023

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

netpbm

CVE-2017-5849

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

pam

CVE-2024-22365

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

Pillow

CVE-2023-50447, CVE-2024-28219

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

pip

CVE-2023-5752

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

ppp

CVE-2022-4603

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

runc

CVE-2024-21626

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

Spring Boot

CVE-2023-34055

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

Sudo

CVE-2023-42465

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

GNU tar

CVE-2023-39804

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

Thymeleaf

CVE-2023-38286

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

TPM2

CVE-2023-22745, CVE-2021-3565, CVE-2020-24455

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

W3M

CVE-2023-4255

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

Werkzeug

CVE-2023-46136, CVE-2023-25577, CVE-2023-23934, CVE-2022-29361

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

Proprietary Code CVEs Description CVSS Base Score CVSS Vector String
CVE-2024-48010 Dell PowerProtect DD, versions prior to 8.1.0.0, 7.13.1.10, 7.10.1.40, and 7.7.5.50, contains an access control vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to escalation of privilege on the application. 6.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2024-45759 Dell PowerProtect Data Domain, versions prior to 8.1.0.0, 7.13.1.10, 7.10.1.40, and 7.7.5.50, contains an escalation of privilege vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to unauthorized execution of certain commands to overwrite system config of the application. Exploitation may lead to denial of service of system. 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.
CVE-2024-48011 Dell PowerProtect DD, versions prior to 7.7.5.50, contains an Exposure of Sensitive Information to an Unauthorized Actor vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure. 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:NThis hyperlink is taking you to a website outside of Dell Technologies.
Proprietary Code CVEs Description CVSS Base Score CVSS Vector String
CVE-2024-48010 Dell PowerProtect DD, versions prior to 8.1.0.0, 7.13.1.10, 7.10.1.40, and 7.7.5.50, contains an access control vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to escalation of privilege on the application. 6.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2024-45759 Dell PowerProtect Data Domain, versions prior to 8.1.0.0, 7.13.1.10, 7.10.1.40, and 7.7.5.50, contains an escalation of privilege vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to unauthorized execution of certain commands to overwrite system config of the application. Exploitation may lead to denial of service of system. 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.
CVE-2024-48011 Dell PowerProtect DD, versions prior to 7.7.5.50, contains an Exposure of Sensitive Information to an Unauthorized Actor vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure. 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:NThis hyperlink is taking you to a website outside of Dell Technologies.
Dell Technologies empfiehlt allen Kunden, sowohl die CVSS-Gesamtbewertung als auch alle relevanten zeitlichen und umweltbezogenen Bewertungen zu berücksichtigen, die sich auf den potenziellen Schweregrad einer bestimmten Sicherheitsschwachstelle auswirken können.

Betroffene Produkte und Korrektur

CVE Addressed

Product

Software/Firmware

Affected Versions

Remediated Versions

Link

CVE-2024-48010, CVE-2024-45759, CVE-2024-24549, CVE-2024-23672, CVE-2022-32207, CVE-2022-32221, CVE-2023-38545, CVE-2023-23914, CVE-2023-27534, CVE-2023-27533, CVE-2022-42915, CVE-2022-22576, CVE-2023-28319, CVE-2022-27775, CVE-2022-27782, CVE-2022-42916, CVE-2022-43551, CVE-2022-27781, CVE-2022-32206, CVE-2023-23915, CVE-2022-27776, CVE-2023-23916, CVE-2022-43552, CVE-2022-32208, CVE-2023-27535, CVE-2023-27536, CVE-2023-28321, CVE-2023-28320, CVE-2022-27774, CVE-2023-27538, CVE-2022-32205, CVE-2023-28322, CVE-2022-35252, CVE-2023-38546

DD OS 8.1

Dell PowerProtect DD series appliances, Dell PowerProtect DD Virtual Edition, Dell APEX Protection Storage, Dell PowerProtect DD Management Center, Dell PowerProtect DD Management Center with SmartScale feature, Data Domain Operating System (DD OS)

Versions 7.7.1 through 8.0.0.0

Version 8.1.0.0 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-48010, CVE-2024-45759 , CVE-2024-24549, CVE-2024-23672, CVE-2022-32207, CVE-2022-32221, CVE-2023-38545, CVE-2023-23914, CVE-2023-27534, CVE-2023-27533, CVE-2022-42915, CVE-2022-22576, CVE-2023-28319, CVE-2022-27775, CVE-2022-27782, CVE-2022-42916, CVE-2022-43551, CVE-2022-27781, CVE-2022-32206, CVE-2023-23915, CVE-2022-27776, CVE-2023-23916, CVE-2022-43552, CVE-2022-32208, CVE-2023-27535, CVE-2023-27536, CVE-2023-28321, CVE-2023-28320, CVE-2022-27774, CVE-2023-27538, CVE-2022-32205, CVE-2023-28322, CVE-2022-35252, CVE-2023-38546

DD OS 7.13

Dell PowerProtect DD series appliances, Dell PowerProtect DD Virtual Edition, Dell APEX Protection Storage, Dell PowerProtect DD Management Center, Dell PowerProtect DD Management Center with SmartScale feature, Data Domain Operating System (DD OS), LTS2024 7.13.1

Versions prior to 7.13.1.10

Version 7.13.1.10 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-48010, CVE-2024-45759, CVE-2024-24549, CVE-2024-23672, CVE-2022-32207, CVE-2022-32221, CVE-2023-38545, CVE-2023-23914, CVE-2023-27534, CVE-2023-27533, CVE-2022-42915, CVE-2022-22576, CVE-2023-28319, CVE-2022-27775, CVE-2022-27782, CVE-2022-42916, CVE-2022-43551, CVE-2022-27781, CVE-2022-32206, CVE-2023-23915, CVE-2022-27776, CVE-2023-23916, CVE-2022-43552, CVE-2022-32208, CVE-2023-27535, CVE-2023-27536, CVE-2023-28321, CVE-2023-28320, CVE-2022-27774, CVE-2023-27538, CVE-2022-32205, CVE-2023-28322, CVE-2022-35252, CVE-2023-38546

DD OS 7.10

Dell PowerProtect DD series appliances, Dell PowerProtect DD Virtual Edition, Dell APEX Protection Storage, Dell PowerProtect DD Management Center, Dell PowerProtect DD Management Center with SmartScale feature, Data Domain Operating System (DD OS), LTS2023 7.10.1

Versions prior to 7.10.1.40

Version 7.10.1.40 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-48010, CVE-2024-45759, CVE-2024-48011, CVE-2024-24549, CVE-2024-23672, CVE-2022-32207, CVE-2022-32221, CVE-2023-38545, CVE-2023-23914, CVE-2023-27534, CVE-2023-27533, CVE-2022-42915, CVE-2022-22576, CVE-2023-28319, CVE-2022-27775, CVE-2022-27782, CVE-2022-42916, CVE-2022-43551, CVE-2022-27781, CVE-2022-32206, CVE-2023-23915, CVE-2022-27776, CVE-2023-23916, CVE-2022-43552, CVE-2022-32208, CVE-2023-27535, CVE-2023-27536, CVE-2023-28321, CVE-2023-28320, CVE-2022-27774, CVE-2023-27538, CVE-2022-32205, CVE-2023-28322, CVE-2022-35252, CVE-2023-38546

DD OS 7.7

Dell PowerProtect DD series appliances, Dell PowerProtect DD Virtual Edition, Dell APEX Protection Storage, Dell PowerProtect DD Management Center, Data Domain Operating System (DD OS), LTS2022 7.7.5

Versions prior to 7.7.5.50

Version 7.7.5.50 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-48010, CVE-2024-45759, CVE-2021-27219, CVE-2023-35116, CVE-2024-22195, CVE-2024-25062, CVE-2023-40217, CVE-2023-34055, CVE-2023-22745, CVE-2021-3565, CVE-2020-24455

DD OS 8.1

Dell PowerProtect DD series appliances, Dell PowerProtect DD Virtual Edition, Dell APEX Protection Storage, Data Domain Operating System (DD OS)

Versions 7.7.1 through 8.0.0.0

Version 8.1.0.0 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-48010, CVE-2024-45759, CVE-2021-27219, CVE-2023-35116, CVE-2024-22195, CVE-2024-25062, CVE-2023-40217, CVE-2023-34055, CVE-2023-22745, CVE-2021-3565, CVE-2020-24455

DD OS 7.13

Dell PowerProtect DD series appliances, Dell PowerProtect DD Virtual Edition, Dell APEX Protection Storage, Data Domain Operating System (DD OS) LTS2024 7.13.1

Versions prior to 7.13.1.10

Version 7.13.1.10 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-48010, CVE-2024-45759, CVE-2021-27219, CVE-2023-35116, CVE-2024-22195, CVE-2024-25062, CVE-2023-40217, CVE-2023-34055, CVE-2023-22745, CVE-2021-3565, CVE-2020-24455

DD OS 7.10

Dell PowerProtect DD series appliances, Dell PowerProtect DD Virtual Edition, Dell APEX Protection Storage, Data Domain Operating System (DD OS) LTS2023 7.10.1

Versions prior to 7.10.1.40

Version 7.10.1.40 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-48010, CVE-2024-45759, CVE-2024-48011, CVE-2021-27219, CVE-2023-35116, CVE-2024-22195, CVE-2024-25062, CVE-2023-40217, CVE-2023-34055, CVE-2023-22745, CVE-2021-3565, CVE-2020-24455

DD OS 7.7

Dell PowerProtect DD series appliances, Dell PowerProtect DD Virtual Edition, Dell APEX Protection Storage, Data Domain Operating System (DD OS) LTS2022 7.7.5

Versions prior to 7.7.5.50

Version 7.7.5.50 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-48010, CVE-2024-45759, CVE-2023-49083, CVE-2023-50782, CVE-2024-26130, CVE-2023-45139, CVE-2024-22195, CVE-2024-26458, CVE-2024-26461, CVE-2022-48624, CVE-2023-52426, CVE-2022-25313, CVE-2024-28757, CVE-2023-52425, CVE-2023-50495, CVE-2024-28182, CVE-2024-0727, CVE-2024-0985, CVE-2023-6597, CVE-2024-0450, CVE-2023-6004, CVE-2023-6918, CVE-2023-48795, CVE-2023-2283, CVE-2023-1667, CVE-2024-28085, CVE-2024-22365, CVE-2023-50447, CVE-2024-28219, CVE-2023-5752, CVE-2023-39804

DD OS 8.1

Dell PowerProtect DD Management Center, Dell PowerProtect DD Management Center with SmartScale feature, Data Domain Operating System (DD OS)

Versions 7.7.1 through 8.0.0.0

Version 8.1.0.0 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-48010, CVE-2024-45759, CVE-2023-49083, CVE-2023-50782, CVE-2024-26130, CVE-2023-45139, CVE-2024-22195, CVE-2024-26458, CVE-2024-26461, CVE-2022-48624, CVE-2023-52426, CVE-2022-25313, CVE-2024-28757, CVE-2023-52425, CVE-2023-50495, CVE-2024-28182, CVE-2024-0727, CVE-2024-0985, CVE-2023-6597, CVE-2024-0450, CVE-2023-6004, CVE-2023-6918, CVE-2023-48795, CVE-2023-2283, CVE-2023-1667, CVE-2024-28085, CVE-2024-22365, CVE-2023-50447, CVE-2024-28219, CVE-2023-39804

DD OS 7.13

Dell PowerProtect DD Management Center, Dell PowerProtect DD Management Center with SmartScale feature, Data Domain Operating System (DD OS) LTS2024 7.13.1

Versions prior to 7.13.1.10

Version 7.13.1.10 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-48010, CVE-2024-45759, CVE-2023-49083, CVE-2023-50782, CVE-2024-26130, CVE-2023-45139, CVE-2024-22195, CVE-2024-26458, CVE-2024-26461, CVE-2022-48624, CVE-2023-52426, CVE-2022-25313, CVE-2024-28757, CVE-2023-50495, CVE-2024-28182, CVE-2024-0727, CVE-2024-0985, CVE-2023-6597, CVE-2024-0450, CVE-2023-6004, CVE-2023-6918, CVE-2023-48795, CVE-2023-2283, CVE-2023-1667, CVE-2024-28085, CVE-2024-22365, CVE-2023-50447, CVE-2024-28219, CVE-2023-5752, CVE-2023-39804

DD OS 7.10

Dell PowerProtect DD Management Center, Dell PowerProtect DD Management Center with SmartScale feature, Data Domain Operating System (DD OS) LTS2023 7.10.1

Versions prior to 7.10.1.40

 Version 7.10.1.40 or later

 Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-48010, CVE-2024-45759, CVE-2024-48011, CVE-2023-49083, CVE-2023-50782, CVE-2024-26130, CVE-2023-45139, CVE-2024-22195, CVE-2024-26458, CVE-2024-26461, CVE-2022-48624, CVE-2023-52426, CVE-2022-25313, CVE-2024-28757, CVE-2023-52425, CVE-2023-50495, CVE-2024-28182, CVE-2024-0727, CVE-2024-0985, CVE-2023-6597, CVE-2024-0450, CVE-2023-6004, CVE-2023-6918, CVE-2023-48795, CVE-2023-2283, CVE-2023-1667, CVE-2024-28085, CVE-2024-22365, CVE-2023-50447, CVE-2024-28219, CVE-2023-5752, CVE-2023-39804

DD OS 7.7

Dell PowerProtect DD Management Center, Data Domain Operating System (DD OS) LTS2022 7.7.5

Versions prior to 7.7.5.50

Version 7.7.5.50 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-48010, CVE-2024-45759, CVE-2023-38472, CVE-2023-38471, CVE-2023-38469, CVE-2022-1996, CVE-2020-8694, CVE-2020-8695, CVE-2020-12912, CVE-2023-7207, CVE-2023-46218, CVE-2023-46219, CVE-2024-23651, CVE-2024-23652, CVE-2024-23653, CVE-2017-16829, CVE-2018-7208, CVE-2022-48064, CVE-2023-46751, CVE-2023-51257, CVE-2022-1210, CVE-2024-22195, CVE-2023-0461, CVE-2023-5717, CVE-2023-31083, CVE-2023-39197, CVE-2023-39198, CVE-2023-45863, CVE-2023-45871, CVE-2023-20592, CVE-2024-28085, CVE-2024-0985, CVE-2023-27043, CVE-2023-2137, CVE-2019-14889, CVE-2020-1730, CVE-2020-16135, CVE-2021-3634, CVE-2023-1667, CVE-2023-2283, CVE-2023-6004, CVE-2023-6918, CVE-2023-48795, CVE-2023-45322, CVE-2024-25062, CVE-2022-40023, CVE-2023-5049, CVE-2017-5849, CVE-2023-5678, CVE-2024-0727, CVE-2022-4603, CVE-2023-5752, CVE-2024-21626, CVE-2023-42465, CVE-2022-1622, CVE-2022-40090, CVE-2023-1916, CVE-2023-2731, CVE-2023-26965, CVE-2023-22745, CVE-2021-3565, CVE-2020-24455, CVE-2023-4255, CVE-2023-46136, CVE-2023-25577, CVE-2023-23934, CVE-2022-29361

DD OS 8.1

Dell PowerProtect DD Management Center with SmartScale feature, Data Domain Operating System (DD OS)

Versions 7.8.0.0 through 8.1.0.0

Version 8.1.0.0 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-48010, CVE-2024-45759, CVE-2023-38472, CVE-2023-38471, CVE-2023-38469, CVE-2022-1996, CVE-2020-8694, CVE-2020-8695, CVE-2020-12912, CVE-2023-7207, CVE-2023-46218, CVE-2023-46219, CVE-2024-23651, CVE-2024-23652, CVE-2024-23653, CVE-2017-16829, CVE-2018-7208, CVE-2022-48064, CVE-2023-46751, CVE-2023-51257, CVE-2022-1210, CVE-2024-22195, CVE-2023-0461, CVE-2023-5717, CVE-2023-31083, CVE-2023-39197, CVE-2023-39198, CVE-2023-45863, CVE-2023-45871, CVE-2023-20592, CVE-2024-28085, CVE-2024-0985, CVE-2023-27043, CVE-2023-2137, CVE-2019-14889, CVE-2020-1730, CVE-2020-16135, CVE-2021-3634, CVE-2023-1667, CVE-2023-2283, CVE-2023-6004, CVE-2023-6918, CVE-2023-48795, CVE-2023-45322, CVE-2024-25062, CVE-2022-40023, CVE-2023-5049, CVE-2017-5849, CVE-2023-5678, CVE-2024-0727, CVE-2022-4603, CVE-2023-5752, CVE-2024-21626, CVE-2023-42465, CVE-2022-1622, CVE-2022-40090, CVE-2023-1916, CVE-2023-2731, CVE-2023-26965, CVE-2023-22745, CVE-2021-3565, CVE-2020-24455, CVE-2023-4255, CVE-2023-46136, CVE-2023-25577, CVE-2023-23934, CVE-2022-29361

DD OS 7.13

Dell PowerProtect DD Management Center with SmartScale feature, Data Domain Operating System (DD OS) LTS2024 7.13.1

Versions prior to 7.13.1.10

Version 7.13.1.10 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-48010, CVE-2024-45759, CVE-2023-38472, CVE-2023-38471, CVE-2023-38469, CVE-2022-1996, CVE-2020-8694, CVE-2020-8695, CVE-2020-12912, CVE-2023-7207, CVE-2023-46218, CVE-2023-46219, CVE-2024-23651, CVE-2024-23652, CVE-2024-23653, CVE-2017-16829, CVE-2018-7208, CVE-2022-48064, CVE-2023-46751, CVE-2023-51257, CVE-2022-1210, CVE-2024-22195, CVE-2023-0461, CVE-2023-5717, CVE-2023-31083, CVE-2023-39197, CVE-2023-39198, CVE-2023-45863, CVE-2023-45871, CVE-2023-20592, CVE-2024-28085, CVE-2024-0985, CVE-2023-27043, CVE-2023-2137, CVE-2019-14889, CVE-2020-1730, CVE-2020-16135, CVE-2021-3634, CVE-2023-1667, CVE-2023-2283, CVE-2023-6004, CVE-2023-6918, CVE-2023-48795, CVE-2023-45322, CVE-2024-25062, CVE-2022-40023, CVE-2023-5049, CVE-2017-5849, CVE-2023-5678, CVE-2024-0727, CVE-2022-4603, CVE-2023-5752, CVE-2024-21626, CVE-2023-42465, CVE-2022-1622, CVE-2022-40090, CVE-2023-1916, CVE-2023-2731, CVE-2023-26965, CVE-2023-22745, CVE-2021-3565, CVE-2020-24455, CVE-2023-4255, CVE-2023-46136, CVE-2023-25577, CVE-2023-23934, CVE-2022-29361

DD OS 7.10

Dell PowerProtect DD Management Center with SmartScale feature, Data Domain Operating System (DD OS) LTS2023 7.10.1

Versions prior to 7.10.1.40

Version 7.10.1.40 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE Addressed

Product

Software/Firmware

Affected Versions

Remediated Versions

Link

CVE-2024-48010, CVE-2024-45759, CVE-2024-24549, CVE-2024-23672, CVE-2022-32207, CVE-2022-32221, CVE-2023-38545, CVE-2023-23914, CVE-2023-27534, CVE-2023-27533, CVE-2022-42915, CVE-2022-22576, CVE-2023-28319, CVE-2022-27775, CVE-2022-27782, CVE-2022-42916, CVE-2022-43551, CVE-2022-27781, CVE-2022-32206, CVE-2023-23915, CVE-2022-27776, CVE-2023-23916, CVE-2022-43552, CVE-2022-32208, CVE-2023-27535, CVE-2023-27536, CVE-2023-28321, CVE-2023-28320, CVE-2022-27774, CVE-2023-27538, CVE-2022-32205, CVE-2023-28322, CVE-2022-35252, CVE-2023-38546

DD OS 8.1

Dell PowerProtect DD series appliances, Dell PowerProtect DD Virtual Edition, Dell APEX Protection Storage, Dell PowerProtect DD Management Center, Dell PowerProtect DD Management Center with SmartScale feature, Data Domain Operating System (DD OS)

Versions 7.7.1 through 8.0.0.0

Version 8.1.0.0 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-48010, CVE-2024-45759 , CVE-2024-24549, CVE-2024-23672, CVE-2022-32207, CVE-2022-32221, CVE-2023-38545, CVE-2023-23914, CVE-2023-27534, CVE-2023-27533, CVE-2022-42915, CVE-2022-22576, CVE-2023-28319, CVE-2022-27775, CVE-2022-27782, CVE-2022-42916, CVE-2022-43551, CVE-2022-27781, CVE-2022-32206, CVE-2023-23915, CVE-2022-27776, CVE-2023-23916, CVE-2022-43552, CVE-2022-32208, CVE-2023-27535, CVE-2023-27536, CVE-2023-28321, CVE-2023-28320, CVE-2022-27774, CVE-2023-27538, CVE-2022-32205, CVE-2023-28322, CVE-2022-35252, CVE-2023-38546

DD OS 7.13

Dell PowerProtect DD series appliances, Dell PowerProtect DD Virtual Edition, Dell APEX Protection Storage, Dell PowerProtect DD Management Center, Dell PowerProtect DD Management Center with SmartScale feature, Data Domain Operating System (DD OS), LTS2024 7.13.1

Versions prior to 7.13.1.10

Version 7.13.1.10 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-48010, CVE-2024-45759, CVE-2024-24549, CVE-2024-23672, CVE-2022-32207, CVE-2022-32221, CVE-2023-38545, CVE-2023-23914, CVE-2023-27534, CVE-2023-27533, CVE-2022-42915, CVE-2022-22576, CVE-2023-28319, CVE-2022-27775, CVE-2022-27782, CVE-2022-42916, CVE-2022-43551, CVE-2022-27781, CVE-2022-32206, CVE-2023-23915, CVE-2022-27776, CVE-2023-23916, CVE-2022-43552, CVE-2022-32208, CVE-2023-27535, CVE-2023-27536, CVE-2023-28321, CVE-2023-28320, CVE-2022-27774, CVE-2023-27538, CVE-2022-32205, CVE-2023-28322, CVE-2022-35252, CVE-2023-38546

DD OS 7.10

Dell PowerProtect DD series appliances, Dell PowerProtect DD Virtual Edition, Dell APEX Protection Storage, Dell PowerProtect DD Management Center, Dell PowerProtect DD Management Center with SmartScale feature, Data Domain Operating System (DD OS), LTS2023 7.10.1

Versions prior to 7.10.1.40

Version 7.10.1.40 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-48010, CVE-2024-45759, CVE-2024-48011, CVE-2024-24549, CVE-2024-23672, CVE-2022-32207, CVE-2022-32221, CVE-2023-38545, CVE-2023-23914, CVE-2023-27534, CVE-2023-27533, CVE-2022-42915, CVE-2022-22576, CVE-2023-28319, CVE-2022-27775, CVE-2022-27782, CVE-2022-42916, CVE-2022-43551, CVE-2022-27781, CVE-2022-32206, CVE-2023-23915, CVE-2022-27776, CVE-2023-23916, CVE-2022-43552, CVE-2022-32208, CVE-2023-27535, CVE-2023-27536, CVE-2023-28321, CVE-2023-28320, CVE-2022-27774, CVE-2023-27538, CVE-2022-32205, CVE-2023-28322, CVE-2022-35252, CVE-2023-38546

DD OS 7.7

Dell PowerProtect DD series appliances, Dell PowerProtect DD Virtual Edition, Dell APEX Protection Storage, Dell PowerProtect DD Management Center, Data Domain Operating System (DD OS), LTS2022 7.7.5

Versions prior to 7.7.5.50

Version 7.7.5.50 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-48010, CVE-2024-45759, CVE-2021-27219, CVE-2023-35116, CVE-2024-22195, CVE-2024-25062, CVE-2023-40217, CVE-2023-34055, CVE-2023-22745, CVE-2021-3565, CVE-2020-24455

DD OS 8.1

Dell PowerProtect DD series appliances, Dell PowerProtect DD Virtual Edition, Dell APEX Protection Storage, Data Domain Operating System (DD OS)

Versions 7.7.1 through 8.0.0.0

Version 8.1.0.0 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-48010, CVE-2024-45759, CVE-2021-27219, CVE-2023-35116, CVE-2024-22195, CVE-2024-25062, CVE-2023-40217, CVE-2023-34055, CVE-2023-22745, CVE-2021-3565, CVE-2020-24455

DD OS 7.13

Dell PowerProtect DD series appliances, Dell PowerProtect DD Virtual Edition, Dell APEX Protection Storage, Data Domain Operating System (DD OS) LTS2024 7.13.1

Versions prior to 7.13.1.10

Version 7.13.1.10 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-48010, CVE-2024-45759, CVE-2021-27219, CVE-2023-35116, CVE-2024-22195, CVE-2024-25062, CVE-2023-40217, CVE-2023-34055, CVE-2023-22745, CVE-2021-3565, CVE-2020-24455

DD OS 7.10

Dell PowerProtect DD series appliances, Dell PowerProtect DD Virtual Edition, Dell APEX Protection Storage, Data Domain Operating System (DD OS) LTS2023 7.10.1

Versions prior to 7.10.1.40

Version 7.10.1.40 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-48010, CVE-2024-45759, CVE-2024-48011, CVE-2021-27219, CVE-2023-35116, CVE-2024-22195, CVE-2024-25062, CVE-2023-40217, CVE-2023-34055, CVE-2023-22745, CVE-2021-3565, CVE-2020-24455

DD OS 7.7

Dell PowerProtect DD series appliances, Dell PowerProtect DD Virtual Edition, Dell APEX Protection Storage, Data Domain Operating System (DD OS) LTS2022 7.7.5

Versions prior to 7.7.5.50

Version 7.7.5.50 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-48010, CVE-2024-45759, CVE-2023-49083, CVE-2023-50782, CVE-2024-26130, CVE-2023-45139, CVE-2024-22195, CVE-2024-26458, CVE-2024-26461, CVE-2022-48624, CVE-2023-52426, CVE-2022-25313, CVE-2024-28757, CVE-2023-52425, CVE-2023-50495, CVE-2024-28182, CVE-2024-0727, CVE-2024-0985, CVE-2023-6597, CVE-2024-0450, CVE-2023-6004, CVE-2023-6918, CVE-2023-48795, CVE-2023-2283, CVE-2023-1667, CVE-2024-28085, CVE-2024-22365, CVE-2023-50447, CVE-2024-28219, CVE-2023-5752, CVE-2023-39804

DD OS 8.1

Dell PowerProtect DD Management Center, Dell PowerProtect DD Management Center with SmartScale feature, Data Domain Operating System (DD OS)

Versions 7.7.1 through 8.0.0.0

Version 8.1.0.0 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-48010, CVE-2024-45759, CVE-2023-49083, CVE-2023-50782, CVE-2024-26130, CVE-2023-45139, CVE-2024-22195, CVE-2024-26458, CVE-2024-26461, CVE-2022-48624, CVE-2023-52426, CVE-2022-25313, CVE-2024-28757, CVE-2023-52425, CVE-2023-50495, CVE-2024-28182, CVE-2024-0727, CVE-2024-0985, CVE-2023-6597, CVE-2024-0450, CVE-2023-6004, CVE-2023-6918, CVE-2023-48795, CVE-2023-2283, CVE-2023-1667, CVE-2024-28085, CVE-2024-22365, CVE-2023-50447, CVE-2024-28219, CVE-2023-39804

DD OS 7.13

Dell PowerProtect DD Management Center, Dell PowerProtect DD Management Center with SmartScale feature, Data Domain Operating System (DD OS) LTS2024 7.13.1

Versions prior to 7.13.1.10

Version 7.13.1.10 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-48010, CVE-2024-45759, CVE-2023-49083, CVE-2023-50782, CVE-2024-26130, CVE-2023-45139, CVE-2024-22195, CVE-2024-26458, CVE-2024-26461, CVE-2022-48624, CVE-2023-52426, CVE-2022-25313, CVE-2024-28757, CVE-2023-50495, CVE-2024-28182, CVE-2024-0727, CVE-2024-0985, CVE-2023-6597, CVE-2024-0450, CVE-2023-6004, CVE-2023-6918, CVE-2023-48795, CVE-2023-2283, CVE-2023-1667, CVE-2024-28085, CVE-2024-22365, CVE-2023-50447, CVE-2024-28219, CVE-2023-5752, CVE-2023-39804

DD OS 7.10

Dell PowerProtect DD Management Center, Dell PowerProtect DD Management Center with SmartScale feature, Data Domain Operating System (DD OS) LTS2023 7.10.1

Versions prior to 7.10.1.40

 Version 7.10.1.40 or later

 Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-48010, CVE-2024-45759, CVE-2024-48011, CVE-2023-49083, CVE-2023-50782, CVE-2024-26130, CVE-2023-45139, CVE-2024-22195, CVE-2024-26458, CVE-2024-26461, CVE-2022-48624, CVE-2023-52426, CVE-2022-25313, CVE-2024-28757, CVE-2023-52425, CVE-2023-50495, CVE-2024-28182, CVE-2024-0727, CVE-2024-0985, CVE-2023-6597, CVE-2024-0450, CVE-2023-6004, CVE-2023-6918, CVE-2023-48795, CVE-2023-2283, CVE-2023-1667, CVE-2024-28085, CVE-2024-22365, CVE-2023-50447, CVE-2024-28219, CVE-2023-5752, CVE-2023-39804

DD OS 7.7

Dell PowerProtect DD Management Center, Data Domain Operating System (DD OS) LTS2022 7.7.5

Versions prior to 7.7.5.50

Version 7.7.5.50 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-48010, CVE-2024-45759, CVE-2023-38472, CVE-2023-38471, CVE-2023-38469, CVE-2022-1996, CVE-2020-8694, CVE-2020-8695, CVE-2020-12912, CVE-2023-7207, CVE-2023-46218, CVE-2023-46219, CVE-2024-23651, CVE-2024-23652, CVE-2024-23653, CVE-2017-16829, CVE-2018-7208, CVE-2022-48064, CVE-2023-46751, CVE-2023-51257, CVE-2022-1210, CVE-2024-22195, CVE-2023-0461, CVE-2023-5717, CVE-2023-31083, CVE-2023-39197, CVE-2023-39198, CVE-2023-45863, CVE-2023-45871, CVE-2023-20592, CVE-2024-28085, CVE-2024-0985, CVE-2023-27043, CVE-2023-2137, CVE-2019-14889, CVE-2020-1730, CVE-2020-16135, CVE-2021-3634, CVE-2023-1667, CVE-2023-2283, CVE-2023-6004, CVE-2023-6918, CVE-2023-48795, CVE-2023-45322, CVE-2024-25062, CVE-2022-40023, CVE-2023-5049, CVE-2017-5849, CVE-2023-5678, CVE-2024-0727, CVE-2022-4603, CVE-2023-5752, CVE-2024-21626, CVE-2023-42465, CVE-2022-1622, CVE-2022-40090, CVE-2023-1916, CVE-2023-2731, CVE-2023-26965, CVE-2023-22745, CVE-2021-3565, CVE-2020-24455, CVE-2023-4255, CVE-2023-46136, CVE-2023-25577, CVE-2023-23934, CVE-2022-29361

DD OS 8.1

Dell PowerProtect DD Management Center with SmartScale feature, Data Domain Operating System (DD OS)

Versions 7.8.0.0 through 8.1.0.0

Version 8.1.0.0 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-48010, CVE-2024-45759, CVE-2023-38472, CVE-2023-38471, CVE-2023-38469, CVE-2022-1996, CVE-2020-8694, CVE-2020-8695, CVE-2020-12912, CVE-2023-7207, CVE-2023-46218, CVE-2023-46219, CVE-2024-23651, CVE-2024-23652, CVE-2024-23653, CVE-2017-16829, CVE-2018-7208, CVE-2022-48064, CVE-2023-46751, CVE-2023-51257, CVE-2022-1210, CVE-2024-22195, CVE-2023-0461, CVE-2023-5717, CVE-2023-31083, CVE-2023-39197, CVE-2023-39198, CVE-2023-45863, CVE-2023-45871, CVE-2023-20592, CVE-2024-28085, CVE-2024-0985, CVE-2023-27043, CVE-2023-2137, CVE-2019-14889, CVE-2020-1730, CVE-2020-16135, CVE-2021-3634, CVE-2023-1667, CVE-2023-2283, CVE-2023-6004, CVE-2023-6918, CVE-2023-48795, CVE-2023-45322, CVE-2024-25062, CVE-2022-40023, CVE-2023-5049, CVE-2017-5849, CVE-2023-5678, CVE-2024-0727, CVE-2022-4603, CVE-2023-5752, CVE-2024-21626, CVE-2023-42465, CVE-2022-1622, CVE-2022-40090, CVE-2023-1916, CVE-2023-2731, CVE-2023-26965, CVE-2023-22745, CVE-2021-3565, CVE-2020-24455, CVE-2023-4255, CVE-2023-46136, CVE-2023-25577, CVE-2023-23934, CVE-2022-29361

DD OS 7.13

Dell PowerProtect DD Management Center with SmartScale feature, Data Domain Operating System (DD OS) LTS2024 7.13.1

Versions prior to 7.13.1.10

Version 7.13.1.10 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-48010, CVE-2024-45759, CVE-2023-38472, CVE-2023-38471, CVE-2023-38469, CVE-2022-1996, CVE-2020-8694, CVE-2020-8695, CVE-2020-12912, CVE-2023-7207, CVE-2023-46218, CVE-2023-46219, CVE-2024-23651, CVE-2024-23652, CVE-2024-23653, CVE-2017-16829, CVE-2018-7208, CVE-2022-48064, CVE-2023-46751, CVE-2023-51257, CVE-2022-1210, CVE-2024-22195, CVE-2023-0461, CVE-2023-5717, CVE-2023-31083, CVE-2023-39197, CVE-2023-39198, CVE-2023-45863, CVE-2023-45871, CVE-2023-20592, CVE-2024-28085, CVE-2024-0985, CVE-2023-27043, CVE-2023-2137, CVE-2019-14889, CVE-2020-1730, CVE-2020-16135, CVE-2021-3634, CVE-2023-1667, CVE-2023-2283, CVE-2023-6004, CVE-2023-6918, CVE-2023-48795, CVE-2023-45322, CVE-2024-25062, CVE-2022-40023, CVE-2023-5049, CVE-2017-5849, CVE-2023-5678, CVE-2024-0727, CVE-2022-4603, CVE-2023-5752, CVE-2024-21626, CVE-2023-42465, CVE-2022-1622, CVE-2022-40090, CVE-2023-1916, CVE-2023-2731, CVE-2023-26965, CVE-2023-22745, CVE-2021-3565, CVE-2020-24455, CVE-2023-4255, CVE-2023-46136, CVE-2023-25577, CVE-2023-23934, CVE-2022-29361

DD OS 7.10

Dell PowerProtect DD Management Center with SmartScale feature, Data Domain Operating System (DD OS) LTS2023 7.10.1

Versions prior to 7.10.1.40

Version 7.10.1.40 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)
Caution: Version 7.7.5.50, 7.10.1.40, 7.13.1.10, 8.1.0.10 are not compatible with Avamar solutions. Dell will release updated DD OS versions and an updated Dell Security Advisory containing remediation for Avamar customers. For more information, please refer to Avamar: Unable to add or edit Data Domain on recent DDOS and DDVE versions due to certificate restriction. Please follow security best practices to protect your Avamar appliance and monitor this advisory for updates. 
 
Note:
  1. PowerProtect DD: Software Versions : This KB article provides the status of the current active PowerProtect DD Operating System (DD OS) releases, along with links to the release notes. (Requires support.dell.com login to view article).
  2. Some security scanners may still report False Positive findings after upgrading to remediated DDOS versions.
  3. For more details, please refer to the respective False Positive KB articles:

Revisionsverlauf

Revision

Date

Description

1.0

2024-11-06

Initial Release

2.0

2024-11-23

Updated for enhanced presentation with no changes to content

3.0

2024-11-23

Updated with information regarding compatibility with Avamar

Zugehörige Informationen

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Rechtlicher Hinweis

Betroffene Produkte

Data Domain, DD OS, DD OS 7.10, DD OS 7.13, DD OS 7.7, DD OS 8.1, DD OS Licensed Features, Data Domain Virtual Edition, PowerProtect Data Domain Management Center, Integrated Data Protection Appliance Family
Artikeleigenschaften
Artikelnummer: 000245360
Artikeltyp: Dell Security Advisory
Zuletzt geändert: 23 Nov. 2024
Antworten auf Ihre Fragen erhalten Sie von anderen Dell NutzerInnen
Support Services
Prüfen Sie, ob Ihr Gerät durch Support Services abgedeckt ist.