DSA-2023-439: Security Update for Dell PowerProtect Data Manager for Multiple Third-Party Component Vulnerabilities

Summary: Dell PowerProtect Data Manager remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Impact

Critical

Details

PPDM Core CVE details:

Third-party Component CVEs More Information
jackson-databind2.15.0 CVE-2023-35116 See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
Apache HttpMime4.3.1 CVE-2020-15250, CVE-2020-13956, CVE-2015-5262, CVE-2014-3577 See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
Bouncy Castle Provider1.73 CVE-2023-33201 See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
H2 Database Engine2.1.214 CVE-2022-45868 See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
Janino3.1.9 CVE-2023-33546 See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
JSON-java20140107 CVE-2022-45688 See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
jsoup1.14.2 CVE-2022-36033 See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
Netty Project4.1.92 CVE-2023-34462 See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
OkIO1.13.0 CVE-2023-3635 See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
OkIO2.8.0 CVE-2023-3635 See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
OkIO1.6.0 CVE-2023-3635 See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
snappy-java1.1.8.4 CVE-2023-34455, CVE-2023-34454,CVE-2023-34453 See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
Spring HATEOAS1.5.4 CVE-2023-34036 See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
Spring Security5.7.8 CVE-2023-34034 See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
Thymeleaf3.0.15.RELEASE CVE-2023-38286 See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
Apache Commons Compress1.22 CVE-2023-42503 See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
Apache Tomcat9.0.80 CVE-2023-42794,CVE-2023-45648,CVE-2023-42795 See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
Netty Project4.1.97 CVE-2023-44487 See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

PPDM Kubernetes cProxy CVE details :
Third-party Component CVEs More Information
Container suse/sle15:15.4 CVE-2023-4813 , CVE-2023-22652, CVE-2023-32181, CVE-2023-38039, CVE-2023-30078 See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
Containersuse/sles12sp5 CVE-2023-44487, CVE-2023-45853 See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

Proxy/Search/K8S for Golang CVE details:
Third-party Component CVEs More Information
golang CVE-2023-39323, CVE-2023-29405 , CVE-2023-29404, CVE-2023-29402, CVE-2023-29403, CVE-2023-39533, CVE-2023-29406, CVE-2023-29406, CVE-2023-29409 See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
golang.org/x/net CVE-2023-44487 See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

PPDM-UI CVE details:
Third-party Component CVEs More Information
Node.js CVE-2023-32002, CVE-2023-32004, CVE-2023-32558, CVE-2023-32006, CVE-2023-32559, CVE-2023-32005, CVE-2023-32003 See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
node-semver CVE-2022-25883 See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
node-xml2js CVE-2023-0842 See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
tough-cookie CVE-2023-26136 See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
@cypress/request CVE-2023-28155 See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.


PPDM Cloud Disaster Recovery CVE details:
Third-party Component CVEs More Information
Spring Boot2.7.8 CVE-2023-20873, CVE-2023-20883 See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
OkIO1.15.0 CVE-2023-3635 See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
OkIO2.8.0 CVE-2023-3635 See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
snappy-java1.1.10.3 CVE-2023-43642 See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
Spring Security5.7.8 CVE-2023-34034 See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
Thymeleaf3.0.15.RELEASE CVE-2023-38286 See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

Cloud Snapshot ManagerCVE details :
Third-party Component CVEs More Information
gorm v1.9.8 CVE-2019-15562 See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
golang/text v0.3.5 CVE-2022-32149, CVE-2021-38561 See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
golang/text v0.3.6 CVE-2021-38561, CVE-2022-32149 See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
git lfs 2.13.3 CVE-2022-24826 See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.


Operating System Components CVE Details:
Third-party Component CVEs More Information
bind-utils=9.16.44-150400.5.37.2
python3-bind=9.16.44-150400.5.37.2		 CVE-2022-0396, CVE-2022-3080, CVE-2022-3094, CVE-2022-3736, CVE-2022-3924, CVE-2023-2828, CVE-2023-2911, CVE-2023-3341 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
binutils=2.41-150100.7.46.1,libctf-nobfd0=2.41-150100.7.46.1, libctf0=2.41-150100.7.46.1 CVE-2022-27943, CVE-2022-35205, CVE-2022-35206, CVE-2022-38126, CVE-2022-38127, CVE-2022-38533, CVE-2022-4285, CVE-2022-44840, CVE-2022-45703, CVE-2022-47673, CVE-2022-47695, CVE-2022-47696, CVE-2022-48063, CVE-2022-48064, CVE-2022-48065, CVE-2023-0687, CVE-2023-1579, CVE-2023-1972, CVE-2023-2222, CVE-2023-25585, CVE-2023-25587, CVE-2023-25588 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
busybox-static=1.35.0-150400.3.11.1 CVE-2022-30065, CVE-2022-48174 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
cifs-utils=6.15-150400.3.9.1 CVE-2022-27239 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
cloud-init-config-suse=23.1-150100.8.66.1,cloud-init=23.1-150100.8.66.1 CVE-2022-2084 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
containerd=1.6.21-150000.95.1 CVE-2022-23648 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
cups-config=2.2.7-150000.3.51.2,libcups2=2.2.7-150000.3.51.2 CVE-2022-26691, CVE-2023-32360, CVE-2023-34241, CVE-2023-4504 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
curl=8.0.1-150400.5.32.1,libcurl4=8.0.1-150400.5.32.1 CVE-2022-22576, CVE-2022-27774, CVE-2022-27775, CVE-2022-27776, CVE-2022-27778, CVE-2022-27779, CVE-2022-27780, CVE-2022-27781, CVE-2022-27782, CVE-2022-30115, CVE-2022-32205, CVE-2022-32206, CVE-2022-32207, CVE-2022-32208, CVE-2022-32221, CVE-2022-35252, CVE-2022-35260, CVE-2022-42915, CVE-2022-42916, CVE-2022-43551, CVE-2022-43552, CVE-2023-23914, CVE-2023-23915, CVE-2023-23916, CVE-2023-27533, CVE-2023-27534, CVE-2023-27535, CVE-2023-27536, CVE-2023-27537, CVE-2023-27538, CVE-2023-28320, CVE-2023-28321, CVE-2023-28322, CVE-2023-32001, CVE-2023-38039, CVE-2023-38545, CVE-2023-38546 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
dbus-1=1.12.2-150400.18.8.1,libdbus-1-3=1.12.2-150400.18.8.1 CVE-2022-42011, CVE-2022-42012, CVE-2023-34969 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
docker=24.0.5_ce-150000.185.1 CVE-2023-28840, CVE-2023-28841, CVE-2023-28842 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
gawk=4.2.1-150000.3.3.1 CVE-2023-4156 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
git-core=2.35.3-150300.10.30.1 CVE-2022-23521, CVE-2022-24765, CVE-2022-29187, CVE-2022-39253, CVE-2022-39260, CVE-2022-41903, CVE-2023-22490, CVE-2023-23946, CVE-2023-25815, CVE-2023-29007 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
glibc-extra=2.31-150300.63.1,glibc-lang=2.31-150300.63.1,glibc-locale-base=2.31-150300.63.1,glibc-locale=2.31-150300.63.1, glibc=2.31-150300.63.1 CVE-2023-0687, CVE-2023-4813 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
grub2-i386-pc=2.06-150400.11.33.1,grub2-snapper-plugin=2.06-150400.11.33.1, grub2-systemd-sleep-plugin=2.06-150400.11.33.1, grub2-x86_64-efi=2.06-150400.11.33.1, grub2=2.06-150400.11.33.1 CVE-2022-28735 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
java-17-openjdk-headless=17.0.8.1-150400.3.30.1 CVE-2022-21248, CVE-2022-21277, CVE-2022-21282, CVE-2022-21283, CVE-2022-21291, CVE-2022-21293, CVE-2022-21294, CVE-2022-21296, CVE-2022-21299, CVE-2022-21305, CVE-2022-21340, CVE-2022-21341, CVE-2022-21360, CVE-2022-21365, CVE-2022-21366, CVE-2022-21426, CVE-2022-21434, CVE-2022-21443, CVE-2022-21449, CVE-2022-21476, CVE-2022-21496, CVE-2022-21540, CVE-2022-21541, CVE-2022-21549, CVE-2022-21618, CVE-2022-21619, CVE-2022-21624, CVE-2022-21628, CVE-2022-34169, CVE-2022-39399, CVE-2023-21835, CVE-2023-21843, CVE-2023-21939, CVE-2023-21954, CVE-2023-21967, CVE-2023-21968, CVE-2023-22006, CVE-2023-22036, CVE-2023-22041, CVE-2023-22044, CVE-2023-22045, CVE-2023-22049 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
kernel-default=5.14.21-150400.24.92.1 CVE-2022-0001, CVE-2022-0002, CVE-2022-0168, CVE-2022-0171, CVE-2022-0185, CVE-2022-0264, CVE-2022-0322, CVE-2022-0330, CVE-2022-0382, CVE-2022-0435, CVE-2022-0487, CVE-2022-0492, CVE-2022-0494, CVE-2022-0500, CVE-2022-0516, CVE-2022-0617, CVE-2022-0644, CVE-2022-0742, CVE-2022-0847, CVE-2022-0854, CVE-2022-0886, CVE-2022-0995, CVE-2022-0998, CVE-2022-1011, CVE-2022-1012, CVE-2022-1015, CVE-2022-1016, CVE-2022-1048, CVE-2022-1055, CVE-2022-1158, CVE-2022-1184, CVE-2022-1195, CVE-2022-1198, CVE-2022-1199, CVE-2022-1204, CVE-2022-1205, CVE-2022-1263, CVE-2022-1280, CVE-2022-1462, CVE-2022-1508, CVE-2022-1516, CVE-2022-1651, CVE-2022-1652, CVE-2022-1671, CVE-2022-1679, CVE-2022-1729, CVE-2022-1734, CVE-2022-1789, CVE-2022-1836, CVE-2022-1852, CVE-2022-1882, CVE-2022-1966, CVE-2022-1972, CVE-2022-1974, CVE-2022-1975, CVE-2022-1998, CVE-2022-20008, CVE-2022-20132, CVE-2022-20154, CVE-2022-20368, CVE-2022-20369, CVE-2022-21123, CVE-2022-21125, CVE-2022-21166, CVE-2022-21499, CVE-2022-21505, CVE-2022-2153, CVE-2022-2196, CVE-2022-22942, CVE-2022-23036, CVE-2022-23037, CVE-2022-23038, CVE-2022-23039, CVE-2022-23040, CVE-2022-23041, CVE-2022-23042, CVE-2022-2318, CVE-2022-23222, CVE-2022-23960, CVE-2022-24122, CVE-2022-24448, CVE-2022-24958, CVE-2022-24959, CVE-2022-25258, CVE-2022-25375, CVE-2022-25636, CVE-2022-2585, CVE-2022-2586, CVE-2022-2588, CVE-2022-2602, CVE-2022-26365, CVE-2022-26373, CVE-2022-2639, CVE-2022-26490, CVE-2022-2663, CVE-2022-26878, CVE-2022-26966, CVE-2022-27223, CVE-2022-28356, CVE-2022-28390, CVE-2022-28693, CVE-2022-2873, CVE-2022-28748, CVE-2022-28893, CVE-2022-2905, CVE-2022-29156, CVE-2022-2938, CVE-2022-29581, CVE-2022-29582, CVE-2022-2959, CVE-2022-2977, CVE-2022-2978, CVE-2022-29900, CVE-2022-29901, CVE-2022-3028, CVE-2022-30594, CVE-2022-3078, CVE-2022-3104, CVE-2022-3105, CVE-2022-3106, CVE-2022-3107, CVE-2022-3108, CVE-2022-3111, CVE-2022-3112, CVE-2022-3113, CVE-2022-3114, CVE-2022-3115, CVE-2022-3169, CVE-2022-3176, CVE-2022-3202, CVE-2022-32250, CVE-2022-32296, CVE-2022-3239, CVE-2022-3303, CVE-2022-3344, CVE-2022-33740, CVE-2022-33741, CVE-2022-33742, CVE-2022-33743, CVE-2022-33981, CVE-2022-3424, CVE-2022-3435, CVE-2022-34918, CVE-2022-3521, CVE-2022-3523, CVE-2022-3524, CVE-2022-3526, CVE-2022-3535, CVE-2022-3542, CVE-2022-3545, CVE-2022-3564, CVE-2022-3565, CVE-2022-3566, CVE-2022-3567, CVE-2022-3577, CVE-2022-3586, CVE-2022-3594, CVE-2022-3619, CVE-2022-3621, CVE-2022-3625, CVE-2022-3628, CVE-2022-36280, CVE-2022-3629, CVE-2022-3633, CVE-2022-3635, CVE-2022-3640, CVE-2022-3643, CVE-2022-3646, CVE-2022-3649, CVE-2022-36879, CVE-2022-36946, CVE-2022-3707, CVE-2022-38096, CVE-2022-3903, CVE-2022-39188, CVE-2022-39189, CVE-2022-39190, CVE-2022-40476, CVE-2022-40768, CVE-2022-4095, CVE-2022-40982, CVE-2022-41218, CVE-2022-4129, CVE-2022-4139, CVE-2022-41674, CVE-2022-41848, CVE-2022-41849, CVE-2022-41850, CVE-2022-41858, CVE-2022-42328, CVE-2022-4269, CVE-2022-42703, CVE-2022-42719, CVE-2022-42720, CVE-2022-42721, CVE-2022-42722, CVE-2022-42896, CVE-2022-43750, CVE-2022-4378, CVE-2022-4379, CVE-2022-4382, CVE-2022-45869, CVE-2022-45884, CVE-2022-45885, CVE-2022-45886, CVE-2022-45887, CVE-2022-45888, CVE-2022-45919, CVE-2022-45934, CVE-2022-4662, CVE-2022-4744, CVE-2022-47520, CVE-2022-47929, CVE-2023-0045, CVE-2023-0122, CVE-2023-0179, CVE-2023-0266, CVE-2023-0386, CVE-2023-0394, CVE-2023-0459, CVE-2023-0461, CVE-2023-0590, CVE-2023-0597, CVE-2023-1075, CVE-2023-1076, CVE-2023-1077, CVE-2023-1078, CVE-2023-1079, CVE-2023-1095, CVE-2023-1118, CVE-2023-1192, CVE-2023-1206, CVE-2023-1249, CVE-2023-1281, CVE-2023-1380, CVE-2023-1382, CVE-2023-1513, CVE-2023-1582, CVE-2023-1611, CVE-2023-1637, CVE-2023-1652, CVE-2023-1829, CVE-2023-1838, CVE-2023-1859, CVE-2023-2002, CVE-2023-2007, CVE-2023-2008, CVE-2023-2019, CVE-2023-20569, CVE-2023-20588, CVE-2023-20593, CVE-2023-21102, CVE-2023-21400, CVE-2023-2156, CVE-2023-2166, CVE-2023-2176, CVE-2023-2177, CVE-2023-2235, CVE-2023-2269, CVE-2023-22995, CVE-2023-22998, CVE-2023-23000, CVE-2023-23001, CVE-2023-23004, CVE-2023-23006, CVE-2023-23454, CVE-2023-23455, CVE-2023-23559, CVE-2023-25012, CVE-2023-2513, CVE-2023-26545, CVE-2023-28327, CVE-2023-28328, CVE-2023-28410, CVE-2023-28464, CVE-2023-28466, CVE-2023-2985, CVE-2023-3006, CVE-2023-30456, CVE-2023-3090, CVE-2023-31083, CVE-2023-31084, CVE-2023-3111, CVE-2023-31248, CVE-2023-3141, CVE-2023-31436, CVE-2023-3161, CVE-2023-3212, CVE-2023-32233, CVE-2023-3268, CVE-2023-33288, CVE-2023-3357, CVE-2023-3358, CVE-2023-3389, CVE-2023-3390, CVE-2023-34319, CVE-2023-35001, CVE-2023-3567, CVE-2023-35788, CVE-2023-35823, CVE-2023-35828, CVE-2023-35829, CVE-2023-3609, CVE-2023-3610, CVE-2023-3611, CVE-2023-37453, CVE-2023-3772, CVE-2023-3776, CVE-2023-3812, CVE-2023-3863, CVE-2023-39192, CVE-2023-39193, CVE-2023-39194, CVE-2023-4004, CVE-2023-40283, CVE-2023-4128, CVE-2023-4133, CVE-2023-4134, CVE-2023-4147, CVE-2023-4155, CVE-2023-4194, CVE-2023-4273, CVE-2023-42753, CVE-2023-42754, CVE-2023-4387, CVE-2023-4389, CVE-2023-4459, CVE-2023-4563, CVE-2023-4569, CVE-2023-4622, CVE-2023-4623, CVE-2023-4881, CVE-2023-4921, CVE-2023-5345 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
krb5=1.19.2-150400.3.6.1 CVE-2023-36054 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
less=590-150400.3.3.1 CVE-2022-46663 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
libcap-progs=2.63-150400.3.3.1,libcap2=2.63-150400.3.3.1 CVE-2023-2602, CVE-2023-2603 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
libcares2=1.19.1-150000.3.23.1 CVE-2022-4904, CVE-2023-31124, CVE-2023-31130, CVE-2023-31147, CVE-2023-32067 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
libcjose0=0.6.1-150100.4.6.1 CVE-2023-37464 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
libeconf0=0.5.2-150400.3.6.1 CVE-2023-30078, CVE-2023-30079 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
libexpat1=2.4.4-150400.3.12.1 CVE-2022-22822, CVE-2022-22823, CVE-2022-22824, CVE-2022-22825, CVE-2022-22826, CVE-2022-22827, CVE-2022-23852, CVE-2022-23990, CVE-2022-25235, CVE-2022-25236, CVE-2022-25313, CVE-2022-25314, CVE-2022-25315, CVE-2022-40674 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
libfreetype6=2.10.4-150000.4.15.1 CVE-2022-27404, CVE-2022-27405, CVE-2022-27406, CVE-2023-2004 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
libgcc_s1=12.3.0+git1204-150000.1.16.1, libstdc++6=12.3.0+git1204-150000.1.16.1 CVE-2023-4039 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
libgnutls30-hmac=3.7.3-150400.4.35.1, libgnutls30=3.7.3-150400.4.35.1 CVE-2022-2509, CVE-2023-0361 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
libksba8=1.3.5-150000.4.6.1 CVE-2022-3515 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
libldb2=2.4.4-150400.4.11.1 CVE-2022-32746, CVE-2023-0614 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
libnghttp2-14=1.40.0-150200.9.1 CVE-2023-35945 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
libopenssl1_1-hmac=1.1.1l-150400.7.57.1, libopenssl1_1=1.1.1l-150400.7.57.1, openssl-1_1=1.1.1l-150400.7.57.1 CVE-2022-0778, CVE-2022-1292, CVE-2022-2068, CVE-2022-2097, CVE-2022-4304, CVE-2022-4450, CVE-2023-0215, CVE-2023-0286, CVE-2023-0464, CVE-2023-0465, CVE-2023-0466, CVE-2023-3446, CVE-2023-3817 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
libpcre2-8-0=10.39-150400.4.9.1 CVE-2022-41409 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
libpq5=15.4-150200.5.12.1 CVE-2023-39417, CVE-2023-39418 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
libprocps7=3.3.15-150000.7.34.1, procps=3.3.15-150000.7.34.1 CVE-2023-4016 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
libprotobuf-c1=1.3.2-150200.3.9.1 CVE-2022-48468 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
libprotobuf-lite20=3.9.2-150200.4.21.1 CVE-2022-1941, CVE-2022-3171 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
libpython3_6m1_0=3.6.15-150300.10.51.1,python3-base=3.6.15-150300.10.51.1, python3-curses=3.6.15-150300.10.51.1, python3-dbm=3.6.15-150300.10.51.1, python3=3.6.15-150300.10.51.1 CVE-2022-25236, CVE-2022-37454, CVE-2023-40217 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
libruby2_5-2_5=2.5.9-150000.4.26.1, ruby2.5-stdlib=2.5.9-150000.4.26.1, ruby2.5=2.5.9-150000.4.26.1 CVE-2022-28739 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
libsnmp40=5.9.3-150300.15.8.1, net-snmp=5.9.3-150300.15.8.1, perl-SNMP=5.9.3-150300.15.8.1, snmp-mibs=5.9.3-150300.15.8.1 CVE-2022-24805, CVE-2022-24806, CVE-2022-24807, CVE-2022-24808, CVE-2022-24809, CVE-2022-24810 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
libsystemd0=249.16-150400.8.33.1, libudev1=249.16-150400.8.33.1, systemd-coredump=249.16-150400.8.33.1, systemd-lang=249.16-150400.8.33.1, systemd-sysvinit=249.16-150400.8.33.1, systemd=249.16-150400.8.33.1, udev=249.16-150400.8.33.1 CVE-2022-3821 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
libvmtools0=12.3.0-150300.40.1, open-vm-tools=12.3.0-150300.40.1 CVE-2023-20867, CVE-2023-20900 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
libxml2-2=2.9.14-150400.5.22.1, libxml2-tools=2.9.14-150400.5.22.1 CVE-2022-23308, CVE-2022-29824, CVE-2022-40303, CVE-2022-40304, CVE-2023-28484, CVE-2023-39615 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
libyajl2=2.1.0-150000.4.6.1 CVE-2022-24795, CVE-2023-33460 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
libzstd1=1.5.0-150400.3.3.1,
zstd=1.5.0-150400.3.3.1		 CVE-2022-4899 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
login_defs=4.8.1-150400.10.12.1,shadow=4.8.1-150400.10.12.1 CVE-2023-4641 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
logrotate=3.18.1-150400.3.7.1 CVE-2022-1348 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
openssh-clients=8.4p1-150300.3.22.1
openssh-common=8.4p1-150300.3.22.1
openssh-fips=8.4p1-150300.3.22.1
openssh-server=8.4p1-150300.3.22.1
openssh=8.4p1-150300.3.22.1		 CVE-2023-38408 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
perl-base=5.26.1-150300.17.14.1,perl-core-DB_File=5.26.1-150300.17.14.1, perl=5.26.1-150300.17.14.1 CVE-2023-31484 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
postgresql14-server=14.9-150200.5.29.1,postgresql14=14.9-150200.5.29.1 CVE-2023-39417 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
python3-configobj=5.0.6-150000.3.3.1 CVE-2023-26112 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
python3-requests=2.24.0-150300.3.3.1 CVE-2023-32681 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
python3-urllib3=1.25.10-150300.4.6.1 CVE-2023-43804 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
samba-client-libs=4.15.13+git.691.3d3cea0641-150400.3.31.1 CVE-2022-0336, CVE-2022-1615, CVE-2022-2031, CVE-2022-2127, CVE-2022-32742, CVE-2022-32743, CVE-2022-32744, CVE-2022-32745, CVE-2022-32746, CVE-2022-3437, CVE-2022-37966, CVE-2022-37967, CVE-2023-0225, CVE-2023-0614, CVE-2023-34966, CVE-2023-34967, CVE-2023-34968, CVE-2023-4091, CVE-2023-4154, CVE-2023-42669 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
shim=15.7-150300.4.16.1 CVE-2022-28737 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
sudo-plugin-python=1.9.9-150400.4.26.1, sudo=1.9.9-150400.4.26.1 CVE-2022-43995, CVE-2023-22809, CVE-2023-27320, CVE-2023-28487 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
ucode-intel=20230808-150200.27.1 CVE-2022-40982, CVE-2022-41804, CVE-2023-23908 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
unzip=6.00-150000.4.11.1 CVE-2022-0529 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
vim-data-common=9.0.1894-150000.5.54.1,vim-data=9.0.1894-150000.5.54.1, vim=9.0.1894-150000.5.54.1 CVE-2022-0128, CVE-2022-0213, CVE-2022-0261, CVE-2022-0318, CVE-2022-0319, CVE-2022-0351, CVE-2022-0359, CVE-2022-0361, CVE-2022-0392, CVE-2022-0407, CVE-2022-0413, CVE-2022-0696, CVE-2022-1381, CVE-2022-1420, CVE-2022-1616, CVE-2022-1619, CVE-2022-1620, CVE-2022-1720, CVE-2022-1733, CVE-2022-1735, CVE-2022-1771, CVE-2022-1785, CVE-2022-1796, CVE-2022-1851, CVE-2022-1897, CVE-2022-1898, CVE-2022-1927, CVE-2022-1968, CVE-2022-2124, CVE-2022-2125, CVE-2022-2126, CVE-2022-2129, CVE-2022-2175, CVE-2022-2182, CVE-2022-2183, CVE-2022-2206, CVE-2022-2207, CVE-2022-2208, CVE-2022-2210, CVE-2022-2231, CVE-2022-2257, CVE-2022-2264, CVE-2022-2284, CVE-2022-2285, CVE-2022-2286, CVE-2022-2287, CVE-2022-2304, CVE-2022-2343, CVE-2022-2344, CVE-2022-2345, CVE-2022-2522, CVE-2022-2571, CVE-2022-2580, CVE-2022-2581, CVE-2022-2598, CVE-2022-2816, CVE-2022-2817, CVE-2022-2819, CVE-2022-2845, CVE-2022-2849, CVE-2022-2862, CVE-2022-2874, CVE-2022-2889, CVE-2022-2923, CVE-2022-2946, CVE-2022-2980, CVE-2022-2982, CVE-2022-3016, CVE-2022-3037, CVE-2022-3099, CVE-2022-3134, CVE-2022-3153, CVE-2022-3278, CVE-2022-3296, CVE-2022-3297, CVE-2022-3352, CVE-2023-1264, CVE-2023-1355, CVE-2023-2426, CVE-2023-2609, CVE-2023-2610, CVE-2023-4733, CVE-2023-4734, CVE-2023-4735, CVE-2023-4738, CVE-2023-4752, CVE-2023-4781 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
xen-libs=4.16.5_06-150400.4.37.1 CVE-2022-0001, CVE-2022-21123, CVE-2022-23033, CVE-2022-23034, CVE-2022-23035, CVE-2022-23816, CVE-2022-23824, CVE-2022-26356, CVE-2022-26357, CVE-2022-26358, CVE-2022-26360, CVE-2022-26362, CVE-2022-26363, CVE-2022-27672, CVE-2022-33745, CVE-2022-33746, CVE-2022-33747, CVE-2022-33748, CVE-2022-40982, CVE-2022-42309, CVE-2022-42310, CVE-2022-42311, CVE-2022-42313, CVE-2022-42317, CVE-2022-42319, CVE-2022-42320, CVE-2022-42321, CVE-2022-42322, CVE-2022-42325, CVE-2022-42327, CVE-2022-42331, CVE-2022-42332, CVE-2022-42333, CVE-2023-20569, CVE-2023-20588, CVE-2023-20593, CVE-2023-34322, CVE-2023-34323, CVE-2023-34325, CVE-2023-34326, CVE-2023-34327 See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.

Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products & Remediation

Product Affected Versions Remediated Versions Link
Dell PowerProtect Data Manager Versions prior to 19.15 Version 19.15 or later Dell PowerProtect Data Manager 19.15 Drivers and Downloads
Product Affected Versions Remediated Versions Link
Dell PowerProtect Data Manager Versions prior to 19.15 Version 19.15 or later Dell PowerProtect Data Manager 19.15 Drivers and Downloads

The Affected Products and Remediation table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.

Revision History

Revision

Date

Description

1.0

2023-11-22

Initial Release

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Legal Disclaimer

Affected Products

PowerProtect Data Manager
Article Properties
Article Number: 000219801
Article Type: Dell Security Advisory
Last Modified: 10 Jan 2024
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.