DSA-2024-141: Security Update for Dell ECS 3.8.1 Multiple Vulnerabilities

Summary: Dell ECS 3.8.1.0 remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Impact

Critical

Details

Third-party Component CVEs More Information
Apache Ant CVE-2021-36374, CVE-2020-1945, CVE-2021-36373, CVE-2020-11979 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
Apache Hadoop CVE-2021-25642, CVE-2022-25168, CVE-2021-33036, CVE-2021-33036, CVE-2021-37404, CVE-2022-26612 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
Apache HttpClient CVE-2020-13956 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
Apache Log4j CVE-2022-23307, CVE-2022-23305, CVE-2022-23302, CVE-2021-4104, CVE-2020-9493, CVE-2020-9488 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
Apache Zookeeper CVE-2020-10663 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
Apache2 CVE-2022-36760, CVE-2022-37436, CVE-2023-25690 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
AWS Java SDK CVE-2022-31159 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
AWS SDK for Go CVE-2020-8911, CVE-2020-8912 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
binutils CVE-2023-2828, CVE-2022-2795, CVE-2022-38177, CVE-2022-38178, CVE-2021-3530, CVE-2021-3648, CVE-2021-3826, CVE-2021-45078, CVE-2021-46195, CVE-2022-27943, CVE-2022-38126, CVE-2022-38127, CVE-2022-38533 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
cas-server CVE-2021-42567 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
com.fasterxml.jackson.core_jackson-databind CVE-2023-35116 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
com.google.guava_guava CVE-2023-2976 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
com.hazelcast_hazelcast CVE-2022-36437, CVE-2023-33264 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
com.squareup.okhttp3_okhttp CVE-2023-0833 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
com.squareup.okio_okio CVE-2023-3635 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
Commons IO CVE-2021-29425 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
commons-fileupload_commons-fileupload CVE-2023-24998 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
Commons-net CVE-2021-37533 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
containerd CVE-2022-29162, CVE-2022-31030, CVE-2022-23471 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
curl CVE-2022-27781, CVE-2022-27782, CVE-2022-32206, CVE-2022-32208, CVE-2022-32221, CVE-2022-35252, CVE-2022-43552, CVE-2023-23916, CVE-2023-27533, CVE-2023-27534, CVE-2023-27535, CVE-2023-27536, CVE-2023-27538, CVE-2023-28320, CVE-2023-28321, CVE-2023-28322 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
dbus CVE-2022-42010, CVE-2022-42011, CVE-2022-42012 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
dmidecode CVE-2023-30630 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
docker CVE-2022-36109, CVE-2023-28840, CVE-2023-28841, CVE-2023-28842 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
docker-distribution-registry CVE-2023-2253 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
emacs CVE-2022-45939, CVE-2022-48337, CVE-2022-48339 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
expat CVE-2022-40674, CVE-2022-43680 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
git CVE-2023-23946, CVE-2022-23521, CVE-2022-41903, CVE-2023-25652, CVE-2023-25815, CVE-2023-29007, CVE-2023-22490, CVE-2022-29187 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
glib2 CVE-2021-28153 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
go CVE-2023-39533, CVE-2021-27918, CVE-2022-1962, CVE-2022-30630, CVE-2020-29511, CVE-2021-38297, CVE-2022-30633, CVE-2020-29509, CVE-2021-44716, CVE-2022-30631, CVE-2021-3114, CVE-2022-23773, CVE-2022-28131, CVE-2022-32148, CVE-2020-28366, CVE-2021-33194, CVE-2021-33196, CVE-2021-33197, CVE-2022-23772, CVE-2022-30580, CVE-2022-30632, CVE-2022-1705, CVE-2021-41771, CVE-2021-33195, CVE-2021-36221, CVE-2022-28327, CVE-2023-29409, CVE-2023-29406, CVE-2023-24532, CVE-2022-2880, CVE-2023-29402, CVE-2023-24534, CVE-2022-41717 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
golang.org/x/net This hyperlink is taking you to a website outside of Dell Technologies. CVE-2022-41721 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
golang.org/x/sys This hyperlink is taking you to a website outside of Dell Technologies. CVE-2022-29526 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
golang.org/x/text This hyperlink is taking you to a website outside of Dell Technologies. CVE-2022-32149 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
google-gson CVE-2022-25647 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
gpg2 CVE-2022-34903 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
Grafana  CVE-2022-21702, CVE-2022-26148 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
Guava: Google Core Libraries for Java CVE-2020-8908 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
io.netty_netty CVE-2023-34462, CVE-2022-41881, CVE-2022-41915, CVE-2023-44487 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
jackson-databind CVE-2022-42003, CVE-2022-42004, CVE-2020-36518, CVE-2020-25649, CVE-2021-20190, CVE-2020-36183, CVE-2020-36180, CVE-2020-36179, CVE-2020-36182, CVE-2020-36186, CVE-2020-36189, CVE-2020-36188, CVE-2020-36181, CVE-2020-36185, CVE-2020-36187, CVE-2020-36184, CVE-2020-35728, CVE-2020-35490, CVE-2020-35491, CVE-2020-24750, CVE-2020-24616, CVE-2020-14195, CVE-2020-14060, CVE-2020-14061, CVE-2020-14062, CVE-2020-11619, CVE-2020-11620, CVE-2020-11111, CVE-2020-11112, CVE-2020-11113, CVE-2020-10969, CVE-2020-10968, CVE-2020-10673, CVE-2020-10672, CVE-2020-9546, CVE-2020-9548, CVE-2020-9547, CVE-2020-8840 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
Java CVE-2022-21540, CVE-2022-21541, CVE-2022-21549, CVE-2022-34169, CVE-2022-21618, CVE-2022-21619, CVE-2022-21624, CVE-2022-21626, CVE-2022-21628, CVE-2022-39399, CVE-2023-21830, CVE-2023-21835, CVE-2023-21843, CVE-2023-21930, CVE-2023-21937, CVE-2023-21938, CVE-2023-21939, CVE-2023-21954, CVE-2023-21967, CVE-2023-21968 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
Jettison – Json Stax implementation CVE-2022-40150, CVE-2022-40149 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
Jetty: Java based HTTP/1.x, HTTP/2, Servlet, WebSocket Server CVE-2022-2047, CVE-2022-2048, CVE-2021-34428, CVE-2021-28169, CVE-2021-28165, CVE-2020-27223, CVE-2020-27218, CVE-2020-27216 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
Jinja CVE-2020-28493  See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
JSON-java CVE-2022-45688 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
json-smart CVE-2023-1370 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
JUnit CVE-2020-15250 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
kardianos-service CVE-2022-29583 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
kernel CVE-2021-33655, CVE-2021-33656, CVE-2022-1462, CVE-2020-36516, CVE-2020-36557, CVE-2020-36558, CVE-2022-20166, CVE-2022-20368, CVE-2022-20369, CVE-2022-21385, CVE-2022-2588, CVE-2022-26373, CVE-2022-2639, CVE-2022-2977, CVE-2022-3028, CVE-2022-36879, CVE-2022-36946, CVE-2021-4037, CVE-2022-2153, CVE-2022-28693, CVE-2022-28748, CVE-2022-2964, CVE-2022-3169, CVE-2022-3424, CVE-2022-3521, CVE-2022-3524, CVE-2022-3542, CVE-2022-3545, CVE-2022-3565, CVE-2022-3567, CVE-2022-3586, CVE-2022-3594, CVE-2022-3621, CVE-2022-3628, CVE-2022-3629, CVE-2022-3635, CVE-2022-3643, CVE-2022-3646, CVE-2022-3649, CVE-2022-3903, CVE-2022-40307, CVE-2022-40768, CVE-2022-4095, CVE-2022-41848, CVE-2022-41850, CVE-2022-41858, CVE-2022-42328, CVE-2022-42329, CVE-2022-42703, CVE-2022-42895, CVE-2022-42896, CVE-2022-43750, CVE-2022-4378, CVE-2022-45934, CVE-2022-2991, CVE-2022-4129, CVE-2022-36280, CVE-2022-38096, CVE-2023-0045, CVE-2023-23559, CVE-2023-26545, CVE-2022-3566, CVE-2022-45884, CVE-2022-45885, CVE-2022-45886, CVE-2022-45887, CVE-2022-45919, CVE-2023-1380, CVE-2023-2176, CVE-2023-2194, CVE-2023-2513, CVE-2023-31084, CVE-2023-31436, CVE-2023-32269, CVE-2020-26541, CVE-2021-26341, CVE-2021-4157, CVE-2022-1184, CVE-2022-1679, CVE-2022-1729, CVE-2022-1974, CVE-2022-1975, CVE-2022-20132, CVE-2022-20141, CVE-2022-20154, CVE-2022-21499, CVE-2022-2318, CVE-2022-26365, CVE-2022-29900, CVE-2022-29901, CVE-2022-33740, CVE-2022-33741, CVE-2022-33742, CVE-2022-33981 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
kernel-default CVE-2022-2503, CVE-2022-2663, CVE-2022-3239, CVE-2022-39188, CVE-2022-41218, CVE-2022-3564, CVE-2022-4662, CVE-2022-47929, CVE-2023-23454, CVE-2020-36691, CVE-2021-3923, CVE-2021-4203, CVE-2022-20567, CVE-2022-43945, CVE-2023-0597, CVE-2023-1076, CVE-2023-1095, CVE-2023-1118, CVE-2023-1390, CVE-2023-1513, CVE-2023-1611, CVE-2023-1670, CVE-2023-1855, CVE-2023-1989, CVE-2023-1990, CVE-2023-1998, CVE-2023-2124, CVE-2023-2162, CVE-2023-23455, CVE-2023-2483, CVE-2023-28328, CVE-2023-28464, CVE-2023-28772, CVE-2023-30772, CVE-2023-0590 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
keycloak CVE-2022-2256, CVE-2022-0225, CVE-2021-3754, CVE-2021-3827, CVE-2022-1245, CVE-2022-1466, CVE-2021-20323, CVE-2021-3424 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
Kotlin CVE-2022-24329, CVE-2020-29582 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
kpartx CVE-2022-41974 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
krb CVE-2022-42898 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
libapr-util1 CVE-2022-25147 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
libcroco CVE-2020-12825 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
libharfbuzz CVE-2023-25193 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
libjson CVE-2020-12762 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
libksba CVE-2022-47629, CVE-2022-3515 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
libopenssl1_1 CVE-2020-1971, CVE-2021-23840, CVE-2021-23841, CVE-2021-3449, CVE-2021-3711, CVE-2021-3712, CVE-2022-0778, CVE-2022-1292, CVE-2022-2097, CVE-2022-4450, CVE-2023-0215, CVE-2023-0286, CVE-2023-0465, CVE-2023-0466 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
libpcre2 CVE-2022-1587 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
libpixman CVE-2022-44638 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
libsqlite3 CVE-2021-36690, CVE-2022-35737 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
libtasn CVE-2021-46848 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
libtiff CVE-2022-0561, CVE-2022-2519, CVE-2022-2520, CVE-2022-2521, CVE-2022-2867, CVE-2022-2868, CVE-2022-2869, CVE-2022-34266, CVE-2022-34526, CVE-2022-3597, CVE-2022-3599, CVE-2022-3626, CVE-2022-3627, CVE-2022-3970, CVE-2022-48281 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
libtirpc CVE-2021-46828 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
libX11-6 CVE-2023-3138 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
libxml2 CVE-2022-40303, CVE-2022-40304 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
libxslt CVE-2021-30560 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
libz1 CVE-2022-37434 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
MySQL Connector/J CVE-2021-44533, CVE-2021-44531, CVE-2021-44532, CVE-2022-21363, CVE-2021-2471, CVE-2021-3450, CVE-2020-1967 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
Netty Project CVE-2022-24823, CVE-2021-43797, CVE-2021-21290, CVE-2021-37136, CVE-2021-37137, CVE-2021-21409, CVE-2021-21295, CVE-2020-11612, CVE-2020-7238 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
openssl CVE-2022-2068, CVE-2022-4304, CVE-2023-0464, CVE-2023-2650 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
org.apache.commons_commons-text CVE-2022-42889 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
org.apache.ivy_ivy CVE-2022-37866, CVE-2022-37865, CVE-2022-46751 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
org.codehaus.jettison_jettison CVE-2023-1436 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
org.eclipse.jetty_jetty CVE-2023-36479, CVE-2023-40167, CVE-2023-41900, CVE-2023-26048, CVE-2023-26049 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
org.xerial.snappy_snappy-java CVE-2023-43642, CVE-2023-34455, CVE-2023-34454, CVE-2023-34453 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
org.xerial_sqlite-jdbc CVE-2023-32697 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
pac4j core CVE-2021-44878 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
paramiko CVE-2022-24302 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
pcre CVE-2022-1586 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
perl CVE-2023-31484 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
py CVE-2020-29651 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
python3 CVE-2020-25658, CVE-2021-28861, CVE-2023-24329, CVE-2020-10735, CVE-2022-45061, CVE-2022-40899, CVE-2023-40217, CVE-2023-41105 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
python3-urllib3 CVE-2018-18074 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
python3-urllib3 CVE-2020-26116, CVE-2020-26137, CVE-2022-42969, CVE-2021-33503 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
rsyslog CVE-2022-24903 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
runc CVE-2023-25809, CVE-2023-27561, CVE-2023-28642, CVE-2024-21626 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
shadow CVE-2023-29383 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
SnakeYAML CVE-2022-1471, CVE-2022-41854, CVE-2022-38750, CVE-2022-38752, CVE-2022-38751, CVE-2022-38749, CVE-2022-25857 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
Spring Security CVE-2023-20862, CVE-2022-31690, CVE-2022-22976, CVE-2022-22978, CVE-2023-34035, CVE-2023-34034 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
Sqlite CVE-2022-46908 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
sudo CVE-2022-43995, CVE-2023-22809, CVE-2023-28486, CVE-2023-28487 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
systemd CVE-2022-3821, CVE-2022-4415, CVE-2023-26604 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
telnet CVE-2022-39028 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
ucode-intel CVE-2022-21233, CVE-2022-21216, CVE-2022-33196, CVE-2022-38090, CVE-2022-33972 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
urllib CVE-2023-43804, CVE-2023-45803, CVE-2023-1175, CVE-2023-1170, CVE-2023-1127, CVE-2023-0512, CVE-2023-0433, CVE-2023-0288, CVE-2023-0054, CVE-2023-0051, CVE-2023-0049, CVE-2022-4293, CVE-2022-4292, CVE-2022-4141, CVE-2021-3778, CVE-2021-3796, CVE-2021-3872, CVE-2021-3875, CVE-2021-3903, CVE-2022-3705, CVE-2021-3927, CVE-2021-3928, CVE-2021-3968, CVE-2021-3973, CVE-2021-3974, CVE-2021-3984, CVE-2021-4019, CVE-2021-4069, CVE-2021-4136, CVE-2021-4166, CVE-2021-4192, CVE-2021-4193, CVE-2022-0128, CVE-2022-0213, CVE-2022-3591, CVE-2022-0261, CVE-2022-0318, CVE-2022-0319, CVE-2022-0351, CVE-2022-0359, CVE-2022-0361, CVE-2022-0392, CVE-2022-0407, CVE-2022-0413, CVE-2022-0696, CVE-2022-1381, CVE-2022-1420, CVE-2022-1616, CVE-2022-1619, CVE-2022-1620, CVE-2022-1720, CVE-2022-1733, CVE-2022-1735, CVE-2022-1771, CVE-2022-1785, CVE-2022-1796, CVE-2022-1851, CVE-2022-1897, CVE-2022-1898, CVE-2022-1927, CVE-2022-1968, CVE-2022-2124, CVE-2022-2125, CVE-2022-2126, CVE-2022-3520, CVE-2022-2129, CVE-2022-3491, CVE-2022-2175, CVE-2022-2182, CVE-2022-2183, CVE-2022-2206, CVE-2022-2207, CVE-2022-2208, CVE-2022-2210, CVE-2022-2231, CVE-2022-2257, CVE-2022-2264, CVE-2022-2284, CVE-2022-2285, CVE-2022-2286, CVE-2022-2287, CVE-2022-2304, CVE-2022-2343, CVE-2022-2344, CVE-2022-2345, CVE-2022-3352, CVE-2022-3324, CVE-2022-2522, CVE-2022-2571, CVE-2022-2580, CVE-2022-2581, CVE-2022-3297, CVE-2022-3296, CVE-2022-2598, CVE-2022-3278, CVE-2022-3235, CVE-2022-3234, CVE-2022-2816, CVE-2022-2817, CVE-2022-2819, CVE-2022-2845, CVE-2022-2849, CVE-2022-2862, CVE-2022-2874, CVE-2022-2889, CVE-2022-2923, CVE-2022-2946, CVE-2022-2980, CVE-2022-2982, CVE-2022-3016, CVE-2022-3037, CVE-2022-3099, CVE-2022-3134, CVE-2022-3153 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
Woodstox CVE-2022-40151, CVE-2022-40152, CVE-2022-40153 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
XStream CVE-2022-41966 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.
xz CVE-2022-1271 See NVD link below for Individual scores for each CVE.
https://nvd.nist.gov This hyperlink is taking you to a website outside of Dell Technologies.

Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products & Remediation

Product Affected Versions Remediated Versions Link
Dell ECS Versions prior to 3.8.1.0 Version 3.8.1.0 Dell recommends all customers have their ECS systems upgraded at the earliest opportunity by opening a “Operating Environment Upgrade” Service Request-https://www.dell.com/support/incidents-online/contactus/dynamic
Product Affected Versions Remediated Versions Link
Dell ECS Versions prior to 3.8.1.0 Version 3.8.1.0 Dell recommends all customers have their ECS systems upgraded at the earliest opportunity by opening a “Operating Environment Upgrade” Service Request-https://www.dell.com/support/incidents-online/contactus/dynamic

Revision History

RevisionDateDescription
1.02024-04-04Initial Release
2.02024-04-04Added "Java" to the Third Party Component Table
3.02024-04-05Added libxml2 to the Third Party Component Table 
4.02024-04-12Updated for enhanced presentation with no changes to content.

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Legal Disclaimer

Affected Products

ECS, ECS Appliance, ECS Appliance Software with Encryption, ECS Appliance Software without Encryption, ECS Software
Article Properties
Article Number: 000223839
Article Type: Dell Security Advisory
Last Modified: 12 Apr 2024
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.