Skip to main content
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products

DSA-2024-010: Security Update for Dell Data Protection Central for Multiple Third-Party Vulnerabilities

Summary: Dell Data Protection Central remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

This article applies to   This article does not apply to 

Impact

Critical

Details

Third-party Component CVEs More Information
IAM service
 
CVE-2023-36054, CVE-2023-4039, CVE-2023-38039, CVE-2023-25193, CVE-2018-9234, CVE-2023-40217, CVE-2023-31484, CVE-2023-21930, CVE-2023-34035, CVE-2023-24329, CVE-2023-28322 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
node.js CVE-2022-35255, CVE-2023-32002, CVE-2022-43548, CVE-2023-30589, CVE-2023-23918, CVE-2022-32212 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
Apache Tomcat CVE-2023-28709 https://nvd.nist.gov/vuln/detail/CVE-2023-28709 This hyperlink is taking you to a website outside of Dell Technologies.
get-func-name CVE-2023-43646 https://nvd.nist.gov/vuln/detail/CVE-2023-43646 This hyperlink is taking you to a website outside of Dell Technologies.
google guava CVE-2023-2976 https://nvd.nist.gov/vuln/detail/CVE-2023-2976 This hyperlink is taking you to a website outside of Dell Technologies.
cookiejar CVE-2022-25901 https://nvd.nist.gov/vuln/detail/CVE-2022-25901 This hyperlink is taking you to a website outside of Dell Technologies.
semver CVE-2022-25883 https://nvd.nist.gov/vuln/detail/CVE-2022-25883 This hyperlink is taking you to a website outside of Dell Technologies.
Okio CVE-2023-3635 https://nvd.nist.gov/vuln/detail/CVE-2023-3635 This hyperlink is taking you to a website outside of Dell Technologies.
spring boot CVE-2023-20873, CVE-2023-20883 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
spring security CVE-2023-34034 https://nvd.nist.gov/vuln/detail/CVE-2023-34034) This hyperlink is taking you to a website outside of Dell Technologies.

Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products & Remediation

Product Software/Firmware Affected Versions Remediated Versions Link
Dell Data Protection Central Data Protection Central OS Update (SUSE SLES 12 SP5) Version 19.10 Version 19.10.0-4 Data Protection Central 19.10.0-4
Product Software/Firmware Affected Versions Remediated Versions Link
Dell Data Protection Central Data Protection Central OS Update (SUSE SLES 12 SP5) Version 19.10 Version 19.10.0-4 Data Protection Central 19.10.0-4
Platform: SUSE Linux Enterprise Server 12 SP5
See the latest ‘Dell Data Protection Central 19.10 Release Notes’ in Dell Data Protection Central 19.10 Release Notes | Dell US

Revision History

RevisionDateDescription
1.02024-01-17Initial Release

Related Information

Affected Products

Data Protection Central
Article Properties
Article Number: 000221194
Article Type: Dell Security Advisory
Last Modified: 17 Jan 2024
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.