Skip to main content
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.
Some article numbers may have changed. If this isn't what you're looking for, try searching all articles. Search articles

Article Number: 000208261


DSA-2022-359 Dell Avamar, Dell NetWorker Virtual Edition (NVE), and Dell PowerProtect DP Series Appliance or Dell Integrated Data Protection Appliance (IDPA) Security Update for Multiple Vulnerabilities

Summary: Dell Avamar, Dell NetWorker Virtual Edition (NVE), and Dell PowerProtect DP Series Appliance or Dell Integrated Data Protection Appliance (IDPA) remediation is available for multiple vulnerabilities that may be exploited by malicious users to compromise the affected system. ...

Article Content


Impact

Critical

Details

Third-party Component CVEs More Information
Multiple third-party Components See Release Notes 2022R4 Release Notes
Third-party Component CVEs More Information
Multiple third-party Components See Release Notes 2022R4 Release Notes
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products and Remediation

CVEs Addressed  Product Affected Versions Updated Versions Link to Update
Multiple third-party Components
See Release Notes
Dell Avamar Server Hardware Appliance Gen4S, Gen4T, or
Gen5A
Version 19.3, 19.4, 19.7, and 19.8 running SUSE Linux Enterprise 12 SP5 Version 19.3, 19.4, 19.7, and 19.8 running SUSE Linux Enterprise 12 SP5 with the latest operating system Security Rollup 2022R4 AvPlatformOsRollup_2022-R4-v6.avp        
Dell Avamar Virtual Edition Version 19.3, 19.4, 19.7, and 19.8 running SUSE Linux Enterprise 12 SP5 (including Azure and AWS deployments) Version 19.3, 19.4, 19.7, and 19.8 running SUSE Linux Enterprise 12 SP5 (including Azure and AWS deployments) with the latest operating system Security Rollup 2022R4 AvPlatformOsRollup_2022-R4-v6.avp 
Dell Avamar NDMP Accelerator Version 19.3, and 19.4 running SUSE Linux Enterprise 12 SP4 Version 19.3, and 19.4 running SUSE Linux Enterprise 12 SP4 with the latest operating system Security Rollup 2022R4
Version 19.3, 19.4, 19.7, and 19.8 running SUSE Linux Enterprise 12 SP5 Version 19.3, 19.4, 19.7, and 19.8 running SUSE Linux Enterprise 12 SP5 with the latest operating system Security Rollup 2022R4
Dell Avamar VMware Image Proxy Version 19.3 running SUSE Linux Enterprise 12 SP4 Version 19.3 running SUSE Linux Enterprise 12 SP4 with the latest operating system Security Rollup 2022R4 Avamar Proxy Bundle 2022-R4-v6
Version 19.4, 19.7, and 19.8 running SUSE Linux Enterprise 12 SP5 Version 19.4, 19.7, and 19.8 running SUSE Linux Enterprise 12 SP5 with the latest operating system Security Rollup 2022R4
Dell NetWorker Virtual Edition (NVE) Versions 19.4.x, 19.5.x, 19.6.x, 19.7.x, and 19.8.x running SUSE Linux Enterprise 12 SP5 Versions 19.4, 19.5, 19.6, 19.7, and 19.8 running SUSE Linux Enterprise 12 SP5 with the latest operating system Security Rollup 2022R4 NvePlatformOsRollup_2022-R4-v6.avp
Dell PowerProtect DP Series Appliance or Dell Integrated Data Protection Appliance (IDPA) Version 2.5 running on SUSE Linux Enterprise 12 SP4 Version 2.5 running on SUSE Linux Enterprise 12 SP4 with the latest operating system Security Rollup 2022R4 AvPlatformOsRollup_2022-R4-v6.avp 
Version 2.6.x, and 2.7.x running on SUSE Linux Enterprise 12 SP5 Version 2.6.x, and 2.7.x on SUSE Linux Enterprise 12 SP5 with the latest operating system Security Rollup 2022R4
CVEs Addressed  Product Affected Versions Updated Versions Link to Update
Multiple third-party Components
See Release Notes
Dell Avamar Server Hardware Appliance Gen4S, Gen4T, or
Gen5A
Version 19.3, 19.4, 19.7, and 19.8 running SUSE Linux Enterprise 12 SP5 Version 19.3, 19.4, 19.7, and 19.8 running SUSE Linux Enterprise 12 SP5 with the latest operating system Security Rollup 2022R4 AvPlatformOsRollup_2022-R4-v6.avp        
Dell Avamar Virtual Edition Version 19.3, 19.4, 19.7, and 19.8 running SUSE Linux Enterprise 12 SP5 (including Azure and AWS deployments) Version 19.3, 19.4, 19.7, and 19.8 running SUSE Linux Enterprise 12 SP5 (including Azure and AWS deployments) with the latest operating system Security Rollup 2022R4 AvPlatformOsRollup_2022-R4-v6.avp 
Dell Avamar NDMP Accelerator Version 19.3, and 19.4 running SUSE Linux Enterprise 12 SP4 Version 19.3, and 19.4 running SUSE Linux Enterprise 12 SP4 with the latest operating system Security Rollup 2022R4
Version 19.3, 19.4, 19.7, and 19.8 running SUSE Linux Enterprise 12 SP5 Version 19.3, 19.4, 19.7, and 19.8 running SUSE Linux Enterprise 12 SP5 with the latest operating system Security Rollup 2022R4
Dell Avamar VMware Image Proxy Version 19.3 running SUSE Linux Enterprise 12 SP4 Version 19.3 running SUSE Linux Enterprise 12 SP4 with the latest operating system Security Rollup 2022R4 Avamar Proxy Bundle 2022-R4-v6
Version 19.4, 19.7, and 19.8 running SUSE Linux Enterprise 12 SP5 Version 19.4, 19.7, and 19.8 running SUSE Linux Enterprise 12 SP5 with the latest operating system Security Rollup 2022R4
Dell NetWorker Virtual Edition (NVE) Versions 19.4.x, 19.5.x, 19.6.x, 19.7.x, and 19.8.x running SUSE Linux Enterprise 12 SP5 Versions 19.4, 19.5, 19.6, 19.7, and 19.8 running SUSE Linux Enterprise 12 SP5 with the latest operating system Security Rollup 2022R4 NvePlatformOsRollup_2022-R4-v6.avp
Dell PowerProtect DP Series Appliance or Dell Integrated Data Protection Appliance (IDPA) Version 2.5 running on SUSE Linux Enterprise 12 SP4 Version 2.5 running on SUSE Linux Enterprise 12 SP4 with the latest operating system Security Rollup 2022R4 AvPlatformOsRollup_2022-R4-v6.avp 
Version 2.6.x, and 2.7.x running on SUSE Linux Enterprise 12 SP5 Version 2.6.x, and 2.7.x on SUSE Linux Enterprise 12 SP5 with the latest operating system Security Rollup 2022R4
The CVEs remedied by this security update are listed in the Release Notes. The Release Notes lists not only the new CVEs remedied by this update, but all the past CVEs in this cumulative update.  

The Security Update (Rollup) applies to all Avamar products running on the SLES platforms listed above. The products include Avamar single-node servers, multinode servers, accelerator nodes, Avamar Virtual Edition systems, and Avamar Combined Proxy.
See the following Dell KB articles for Security Update (Rollup) Installation instructions: To schedule platform security patch installation, or to upgrade your server, contact Dell Customer Support at https://support.emc.com/.

Revision History

RevisionDateDescription
1.02023-02-03Initial Release
2.02023-03-13Added note to  Additional information section and Updated the "Affected Products" section under "Article Properties 
2.12023-03-24Reformatted for improved presentation without any changes to content.

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide


Article Properties


Affected Product
Avamar, NetWorker Family, Avamar, Avamar Client, Avamar Data Store Gen4, Avamar Data Store Gen4S, Avamar Data Store Gen4T, Avamar Data Store Gen5A, Avamar Plug-in for NDMP, Avamar Server, Avamar Virtual Edition, PowerProtect DP4400 , PowerProtect DP5300, PowerProtect Data Protection Software, Integrated Data Protection Appliance Family, PowerProtect Data Protection Hardware, Integrated Data Protection Appliance Software, NetWorker, NetWorker Series, PowerProtect DD6400, PowerProtect Software ...
Last Published Date

24 Mar 2023

Version

6

Article Type

Dell Security Advisory