Skip to main content
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products

DSA-2024-102: Security Update for Dell Technologies PowerProtect DD Vulnerabilities

Summary: Dell Technologies PowerProtect DD remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

This article applies to   This article does not apply to 

Impact

High

Details

Third-party Component  

CVEs 

More Information 

libxml2 

CVE-2023-29469, CVE-2023-28484, CVE-2022-40304, CVE-2022-40303 

See NVD link below for individual scores for each CVE. 
https://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.

python-wheel 

CVE-2022-40898 

See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/  This hyperlink is taking you to a website outside of Dell Technologies.

cloud-init 

CVE-2023-1786 

See NVD link below for individual scores for each CVE. 
https://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.

python-certifi 

CVE-2022-23491 

See NVD link below for individual scores for each CVE. 
https://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.

OpenSSL 

CVE-2022-4304 

See NVD link below for individual scores for each CVE. 
https://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.

Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products & Remediation

Product Software/Firmware Affected Versions Remediated Versions Link
Dell PowerProtect DD series appliances DDOS Versions 7.0 through 7.12 Version 7.13.0.20 or later See link for more details about DDOS versions available for download (requires log in to Dell Support to view article)
Dell PowerProtect DD series appliances DDOS LTS 2023 7.10 Versions 7.10.1.0 through 7.10.1.15 Version 7.10.1.20 or later See link for more details about DDOS versions available for download (requires log in to Dell Support to view article)
Dell PowerProtect DD series appliances DDOS LTS 2022 7.7 Versions 7.7.5.1 through 7.7.5.25 Version 7.7.5.30 or later See link for more details about DDOS versions available for download (requires log in to Dell Support to view article)
Dell PowerProtect DD Virtual Edition DDOS Versions 7.0 through 7.12 Version 7.13.0.20 or later See link for more details about DDOS versions available for download (requires log in to Dell Support to view article)
Dell PowerProtect DD Virtual Edition DDOS LTS 2023 7.10 Versions 7.10.1.0 through 7.10.1.15 Version 7.10.1.20 or later See link for more details about DDOS versions available for download (requires log in to Dell Support to view article)
Dell PowerProtect DD Virtual Edition DDOS LTS 2022 7.7 Versions 7.7.5.1 through 7.7.5.25 Version 7.7.5.30 or later See link for more details about DDOS versions available for download (requires log in to Dell Support to view article)
Dell APEX Protection Storage DDOS Versions 7.0 through 7.12 Version 7.13.0.20 or later See link for more details about DDOS versions available for download (requires log in to Dell Support to view article)
Dell APEX Protection Storage DDOS LTS 2023 7.10 Versions 7.10.1.0 through 7.10.1.15 Version 7.10.1.20 or later See link for more details about DDOS versions available for download (requires log in to Dell Support to view article)
Dell APEX Protection Storage DDOS LTS 2022 7.7 >Versions 7.7.5.1 through 7.7.5.25 Version 7.7.5.30 or later See link for more details about DDOS versions available for download (requires log in to Dell Support to view article)
PowerProtect DP Series Appliance - IDPA (Integrated Data Protection Appliance): All Models PowerProtect Data Protection Software Versions prior to  2.7.6 Version 2.7.6 or later, DD OS 7.10.1.20 PowerProtect DP Series Appliance IDPA Drivers & Downloads

Data Domain: DD OS Software Versions KB Article for more details about DDOS versions available for download. (Dell Support requires log in to view article.)
PowerProtect Data Manager Appliance model: DM5500 DDOS Versions prior to 5.15.0.0 Version 5.15.0.0 or later Link to download (requires log in to Dell Support)
Product Software/Firmware Affected Versions Remediated Versions Link
Dell PowerProtect DD series appliances DDOS Versions 7.0 through 7.12 Version 7.13.0.20 or later See link for more details about DDOS versions available for download (requires log in to Dell Support to view article)
Dell PowerProtect DD series appliances DDOS LTS 2023 7.10 Versions 7.10.1.0 through 7.10.1.15 Version 7.10.1.20 or later See link for more details about DDOS versions available for download (requires log in to Dell Support to view article)
Dell PowerProtect DD series appliances DDOS LTS 2022 7.7 Versions 7.7.5.1 through 7.7.5.25 Version 7.7.5.30 or later See link for more details about DDOS versions available for download (requires log in to Dell Support to view article)
Dell PowerProtect DD Virtual Edition DDOS Versions 7.0 through 7.12 Version 7.13.0.20 or later See link for more details about DDOS versions available for download (requires log in to Dell Support to view article)
Dell PowerProtect DD Virtual Edition DDOS LTS 2023 7.10 Versions 7.10.1.0 through 7.10.1.15 Version 7.10.1.20 or later See link for more details about DDOS versions available for download (requires log in to Dell Support to view article)
Dell PowerProtect DD Virtual Edition DDOS LTS 2022 7.7 Versions 7.7.5.1 through 7.7.5.25 Version 7.7.5.30 or later See link for more details about DDOS versions available for download (requires log in to Dell Support to view article)
Dell APEX Protection Storage DDOS Versions 7.0 through 7.12 Version 7.13.0.20 or later See link for more details about DDOS versions available for download (requires log in to Dell Support to view article)
Dell APEX Protection Storage DDOS LTS 2023 7.10 Versions 7.10.1.0 through 7.10.1.15 Version 7.10.1.20 or later See link for more details about DDOS versions available for download (requires log in to Dell Support to view article)
Dell APEX Protection Storage DDOS LTS 2022 7.7 >Versions 7.7.5.1 through 7.7.5.25 Version 7.7.5.30 or later See link for more details about DDOS versions available for download (requires log in to Dell Support to view article)
PowerProtect DP Series Appliance - IDPA (Integrated Data Protection Appliance): All Models PowerProtect Data Protection Software Versions prior to  2.7.6 Version 2.7.6 or later, DD OS 7.10.1.20 PowerProtect DP Series Appliance IDPA Drivers & Downloads

Data Domain: DD OS Software Versions KB Article for more details about DDOS versions available for download. (Dell Support requires log in to view article.)
PowerProtect Data Manager Appliance model: DM5500 DDOS Versions prior to 5.15.0.0 Version 5.15.0.0 or later Link to download (requires log in to Dell Support)

For more details about DDOS versions available for download, see the links below (requires log in to Dell Support to view articles): 

The Integrated Data Protection Appliance product team has confirmed impact and is preparing a remedy. Dell will update this Security Advisory once we have a remedy in place. 

Please also see: 

Workarounds & Mitigations

None

Revision History

RevisionDateDescription
1.02024-03-19Initial Release
2.02024-03-21Updated "Affected Product" section under "Article Properties"
3.02024-04-15Updated wording for a uniform reading
4.02024-05-22Updated the Affected Products and Remediation section: PowerProtect DP Series Appliance - IDPA (Integrated Data Protection Appliance): All Models Remediated Versions and update link

Related Information

Affected Products

Data Domain, Data Domain, DD OS 7.0, DD OS 7.1, DD OS 7.10, DD OS 7.11, DD OS 7.12, DD OS 7.13, DD OS 7.2, DD OS 7.3, DD OS 7.4, DD OS 7.5, DD OS 7.6, DD OS 7.7, DD OS 7.8, DD OS 7.9, Data Domain Virtual Edition, PowerProtect Data Protection Software , Integrated Data Protection Appliance Family, Integrated Data Protection Appliance Software, PowerProtect DM5500 ...
Article Properties
Article Number: 000223029
Article Type: Dell Security Advisory
Last Modified: 23 May 2024
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.