Skip to main content
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.
Some article numbers may have changed. If this isn't what you're looking for, try searching all articles. Search articles

Article Number: 000204996


DSA-2022-272: Dell Secure Connect Gateway Security Update for Multiple Third-Party Component Vulnerabilities

Summary: Dell Secure Connect Gateway contains remediation for multiple vulnerabilities that may be exploited by malicious users to compromise the affected system.

Article Content


Impact

Critical

Details
Third-Party Component CVEs More information

Apache cxf

CVE-2021-22696

https://nvd.nist.gov/vuln/detail/CVE-2021-22696
CVE-2021-30468
 
https://nvd.nist.gov/vuln/detail/CVE-2021-30468
CVE-2021-40690 https://nvd.nist.gov/vuln/detail/CVE-2021-40690
Apache tomcat CVE-2020-9484 https://nvd.nist.gov/vuln/detail/CVE-2020-9484
CVE-2022-23181 https://nvd.nist.gov/vuln/detail/CVE-2022-23181
CVE-2022-29885 https://nvd.nist.gov/vuln/detail/CVE-2022-29885
ESAPI CVE-2022-23457 https://nvd.nist.gov/vuln/detail/CVE-2022-23457
git-core CVE-2021-40330 https://www.suse.com/security/cve/CVE-2021-40330
grub2 CVE-2021-3695 https://www.suse.com/security/cve/CVE-2021-3695.html
CVE-2021-3696 https://www.suse.com/security/cve/CVE-2021-3696.html
CVE-2021-3697 https://www.suse.com/security/cve/CVE-2021-3697.html
CVE-2022-28733 https://www.suse.com/security/cve/CVE-2022-28733.html
CVE-2022-28734 https://www.suse.com/security/cve/CVE-2022-28734.html
CVE-2022-28736 https://www.suse.com/security/cve/CVE-2022-28736.html
gstreamer CVE-2021-3522 https://www.suse.com/security/cve/CVE-2021-3522.html
jackson-databind CVE-2019-14379 https://nvd.nist.gov/vuln/detail/CVE-2019-14379
CVE-2019-14540 https://nvd.nist.gov/vuln/detail/cve-2019-14540
CVE-2019-14892 https://nvd.nist.gov/vuln/detail/CVE-2019-14892
CVE-2019-14893 https://nvd.nist.gov/vuln/detail/CVE-2019-14893
CVE-2019-16335 https://nvd.nist.gov/vuln/detail/CVE-2019-16335
CVE-2019-16942 https://nvd.nist.gov/vuln/detail/CVE-2019-16942
CVE-2019-16943 https://nvd.nist.gov/vuln/detail/CVE-2019-16943
CVE-2019-17267 https://nvd.nist.gov/vuln/detail/CVE-2019-17267
CVE-2019-17531 https://nvd.nist.gov/vuln/detail/CVE-2019-17531
CVE-2020-36518 https://suse.com/security/cve/CVE-2020-36518.html
Java CVE-2022-21277 https://nvd.nist.gov/vuln/detail/CVE-2022-21540
CVE-2022-21540 https://nvd.nist.gov/vuln/detail/CVE-2022-21277
CVE-2022-21541 https://nvd.nist.gov/vuln/detail/CVE-2022-21541
CVE-2022-34169 https://nvd.nist.gov/vuln/detail/CVE-2022-34169
kernel-default-base CVE-2020-36557 https://www.suse.com/security/cve/CVE-2020-36557.html
CVE-2020-36558
 
https://www.suse.com/security/cve/CVE-2020-36558.html
CVE-2021-33655 https://www.suse.com/security/cve/CVE-2021-33655.html
CVE-2021-33656 https://www.suse.com/security/cve/CVE-2021-33656.html
CVE-2021-45095 https://www.suse.com/security/cve/CVE-2021-45095.html
CVE-2022-1462 https://www.suse.com/security/cve/CVE-2022-1462.html
CVE-2022-20166 https://www.suse.com/security/cve/CVE-2022-20166.html
CVE-2022-36946 https://www.suse.com/security/cve/CVE-2022-36946.html
libp11-kit0 CVE-2020-29362 https://www.suse.com/security/cve/CVE-2020-29362.html
libpcre2 CVE-2022-1587 https://www.suse.com/security/cve/CVE-2022-1587.html
libpq5 CVE-2022-2625 https://www.suse.com/security/cve/CVE-2022-2625.html
libz1 CVE-2022-37434 https://www.suse.com/security/cve/CVE-2022-37434.html
ncurses CVE-2022-29458 https://www.suse.com/security/cve/CVE-2022-29458.html
CVE-2021-39537 https://www.suse.com/security/cve/CVE-2021-39537.html
NSS CVE-2021-43527 https://www.suse.com/security/cve/CVE-2021-43527.html
OpenSSH CVE-2015-5600 https://www.suse.com/security/cve/CVE-2015-5600.html
CVE-2015-6564 https://www.suse.com/security/cve/CVE-2015-6564.html
pgjdbc CVE-2022-21724 https://nvd.nist.gov/vuln/detail/CVE-2022-21724
rsync CVE-2022-29154 https://www.suse.com/security/cve/CVE-2022-29154.html
snakeyaml CVE-2022-25857 https://nvd.nist.gov/vuln/detail/CVE-2022-25857
Apache:commons-text CVE-2022-42889 https://nvd.nist.gov/vuln/detail/CVE-2022-42889
woodstox-core CVE-2022-40151 https://nvd.nist.gov/vuln/detail/CVE-2022-40151
Fasterxml:jackson-databind CVE-2022-42003 https://nvd.nist.gov/vuln/detail/CVE-2022-42003
Third-Party Component CVEs More information

Apache cxf

CVE-2021-22696

https://nvd.nist.gov/vuln/detail/CVE-2021-22696
CVE-2021-30468
 
https://nvd.nist.gov/vuln/detail/CVE-2021-30468
CVE-2021-40690 https://nvd.nist.gov/vuln/detail/CVE-2021-40690
Apache tomcat CVE-2020-9484 https://nvd.nist.gov/vuln/detail/CVE-2020-9484
CVE-2022-23181 https://nvd.nist.gov/vuln/detail/CVE-2022-23181
CVE-2022-29885 https://nvd.nist.gov/vuln/detail/CVE-2022-29885
ESAPI CVE-2022-23457 https://nvd.nist.gov/vuln/detail/CVE-2022-23457
git-core CVE-2021-40330 https://www.suse.com/security/cve/CVE-2021-40330
grub2 CVE-2021-3695 https://www.suse.com/security/cve/CVE-2021-3695.html
CVE-2021-3696 https://www.suse.com/security/cve/CVE-2021-3696.html
CVE-2021-3697 https://www.suse.com/security/cve/CVE-2021-3697.html
CVE-2022-28733 https://www.suse.com/security/cve/CVE-2022-28733.html
CVE-2022-28734 https://www.suse.com/security/cve/CVE-2022-28734.html
CVE-2022-28736 https://www.suse.com/security/cve/CVE-2022-28736.html
gstreamer CVE-2021-3522 https://www.suse.com/security/cve/CVE-2021-3522.html
jackson-databind CVE-2019-14379 https://nvd.nist.gov/vuln/detail/CVE-2019-14379
CVE-2019-14540 https://nvd.nist.gov/vuln/detail/cve-2019-14540
CVE-2019-14892 https://nvd.nist.gov/vuln/detail/CVE-2019-14892
CVE-2019-14893 https://nvd.nist.gov/vuln/detail/CVE-2019-14893
CVE-2019-16335 https://nvd.nist.gov/vuln/detail/CVE-2019-16335
CVE-2019-16942 https://nvd.nist.gov/vuln/detail/CVE-2019-16942
CVE-2019-16943 https://nvd.nist.gov/vuln/detail/CVE-2019-16943
CVE-2019-17267 https://nvd.nist.gov/vuln/detail/CVE-2019-17267
CVE-2019-17531 https://nvd.nist.gov/vuln/detail/CVE-2019-17531
CVE-2020-36518 https://suse.com/security/cve/CVE-2020-36518.html
Java CVE-2022-21277 https://nvd.nist.gov/vuln/detail/CVE-2022-21540
CVE-2022-21540 https://nvd.nist.gov/vuln/detail/CVE-2022-21277
CVE-2022-21541 https://nvd.nist.gov/vuln/detail/CVE-2022-21541
CVE-2022-34169 https://nvd.nist.gov/vuln/detail/CVE-2022-34169
kernel-default-base CVE-2020-36557 https://www.suse.com/security/cve/CVE-2020-36557.html
CVE-2020-36558
 
https://www.suse.com/security/cve/CVE-2020-36558.html
CVE-2021-33655 https://www.suse.com/security/cve/CVE-2021-33655.html
CVE-2021-33656 https://www.suse.com/security/cve/CVE-2021-33656.html
CVE-2021-45095 https://www.suse.com/security/cve/CVE-2021-45095.html
CVE-2022-1462 https://www.suse.com/security/cve/CVE-2022-1462.html
CVE-2022-20166 https://www.suse.com/security/cve/CVE-2022-20166.html
CVE-2022-36946 https://www.suse.com/security/cve/CVE-2022-36946.html
libp11-kit0 CVE-2020-29362 https://www.suse.com/security/cve/CVE-2020-29362.html
libpcre2 CVE-2022-1587 https://www.suse.com/security/cve/CVE-2022-1587.html
libpq5 CVE-2022-2625 https://www.suse.com/security/cve/CVE-2022-2625.html
libz1 CVE-2022-37434 https://www.suse.com/security/cve/CVE-2022-37434.html
ncurses CVE-2022-29458 https://www.suse.com/security/cve/CVE-2022-29458.html
CVE-2021-39537 https://www.suse.com/security/cve/CVE-2021-39537.html
NSS CVE-2021-43527 https://www.suse.com/security/cve/CVE-2021-43527.html
OpenSSH CVE-2015-5600 https://www.suse.com/security/cve/CVE-2015-5600.html
CVE-2015-6564 https://www.suse.com/security/cve/CVE-2015-6564.html
pgjdbc CVE-2022-21724 https://nvd.nist.gov/vuln/detail/CVE-2022-21724
rsync CVE-2022-29154 https://www.suse.com/security/cve/CVE-2022-29154.html
snakeyaml CVE-2022-25857 https://nvd.nist.gov/vuln/detail/CVE-2022-25857
Apache:commons-text CVE-2022-42889 https://nvd.nist.gov/vuln/detail/CVE-2022-42889
woodstox-core CVE-2022-40151 https://nvd.nist.gov/vuln/detail/CVE-2022-40151
Fasterxml:jackson-databind CVE-2022-42003 https://nvd.nist.gov/vuln/detail/CVE-2022-42003
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.
Affected Products and Remediation
Product Affected Versions Updated Version Link to Update
Dell Secure Connect Gateway 5.00.00.10
5.00.05.10
5.00.07.10
5.10.00.10
5.12.00.10
5.14.00.10 https://www.dell.com/support/home/en-us/product-support/product/secure-connect-gateway-ve/drivers
 
Product Affected Versions Updated Version Link to Update
Dell Secure Connect Gateway 5.00.00.10
5.00.05.10
5.00.07.10
5.10.00.10
5.12.00.10
5.14.00.10 https://www.dell.com/support/home/en-us/product-support/product/secure-connect-gateway-ve/drivers
 
Revision History

RevisionDateDescription
1.02022-11-10Initial Release
   

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide


Article Properties


Affected Product

Secure Connect Gateway, Secure Connect Gateway - Virtual Edition

Last Published Date

10 Nov 2022

Version

3

Article Type

Dell Security Advisory