DSA-2023-315: Security Update for Dell Data Protection Advisor Vulnerabilities
Summary: Dell Data Protection Advisor remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Impact
High
Details
| Third-party Component | CVEs | More Information |
|---|---|---|
| Resteasy JaxRS | CVE-2016-6346, CVE-2017-7561, CVE-2020-1695 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/  |
| Apache Commons Compress | CVE-2021-35515, CVE-2021-35516, CVE-2021-35517, CVE-2021-36090 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| Jackson-Databind | CVE-2022-42003, CVE-2022-42004 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
Affected Products & Remediation
| CVEs Addressed | Product | Software/Firmware | Affected Versions | Remediated Versions | Link |
|---|---|---|---|---|---|
| CVE-2016-6346, CVE-2017-7561, CVE-2020-1695 | Data Protection Advisor | Data Protection Advisor Agent | Version Prior to 19.7, Version 19.8 prior to Build 71 |
Version 19.9, Version 19.8 Build 71 and later version |
https://www.dell.com/support/home/product-support/product/data-protection-advisor/drivers |
| CVE-2021-35515, CVE-2021-35516, CVE-2021-35517, CVE-2021-36090 | Data Protection Advisor | Data Protection Advisor Agent | Version 19.9, Version 19.8 prior to Build 71 |
Version 19.9, Version 19.8 Build 71 and later version |
https://www.dell.com/support/home/product-support/product/data-protection-advisor/drivers |
| CVE-2022-42003, CVE-2022-42004 | Data Protection Advisor | Data Protection Advisor Agent | Version Prior to 19.7, Version 19.8 prior to Build 71 |
Version 19.9, Version 19.8 Build 71 and later version |
https://www.dell.com/support/home/product-support/product/data-protection-advisor/drivers |
| CVE-2016-6346, CVE-2017-7561, CVE-2020-1695, CVE-2021-35515, CVE-2021-35516, CVE-2021-35517, CVE-2021-36090, CVE-2022-42003, CVE-2022-42004 | PowerProtect DP Series Appliance (IDPA) | Data Protection Advisor Agent | Versions prior to 2.7.6 | Version 2.7.6 or later | Link to PowerProtect DP Series Software: https://www.dell.com/support/home/product-support/product/integrated-data-protection-appliance/drivers |
| CVEs Addressed | Product | Software/Firmware | Affected Versions | Remediated Versions | Link |
|---|---|---|---|---|---|
| CVE-2016-6346, CVE-2017-7561, CVE-2020-1695 | Data Protection Advisor | Data Protection Advisor Agent | Version Prior to 19.7, Version 19.8 prior to Build 71 |
Version 19.9, Version 19.8 Build 71 and later version |
https://www.dell.com/support/home/product-support/product/data-protection-advisor/drivers |
| CVE-2021-35515, CVE-2021-35516, CVE-2021-35517, CVE-2021-36090 | Data Protection Advisor | Data Protection Advisor Agent | Version 19.9, Version 19.8 prior to Build 71 |
Version 19.9, Version 19.8 Build 71 and later version |
https://www.dell.com/support/home/product-support/product/data-protection-advisor/drivers |
| CVE-2022-42003, CVE-2022-42004 | Data Protection Advisor | Data Protection Advisor Agent | Version Prior to 19.7, Version 19.8 prior to Build 71 |
Version 19.9, Version 19.8 Build 71 and later version |
https://www.dell.com/support/home/product-support/product/data-protection-advisor/drivers |
| CVE-2016-6346, CVE-2017-7561, CVE-2020-1695, CVE-2021-35515, CVE-2021-35516, CVE-2021-35517, CVE-2021-36090, CVE-2022-42003, CVE-2022-42004 | PowerProtect DP Series Appliance (IDPA) | Data Protection Advisor Agent | Versions prior to 2.7.6 | Version 2.7.6 or later | Link to PowerProtect DP Series Software: https://www.dell.com/support/home/product-support/product/integrated-data-protection-appliance/drivers |
The Affected Products and Remediation table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.
- Link to PowerProtect DP Series Installation and Upgrade guide: Dell EMC PowerProtect DP Series Appliance 2.7.6 Installation and Upgrade Guide
- Unless specified as impacted, the term “or Later” encompasses all releases, under standard support, that are of a higher minor or major version than the specified release.
- Dell recommends that you always upgrade to the latest release/version for your product
Revision History
| Revision | Date | Description |
| 1.0 | 2023-09-18 | Initial Release |
| 2.0 | 2023-10-17 | Added "PowerProtect DP Series Appliance (IDPA)" under "Affected Products and Remediation" section |
| 3.0 | 2023-10-18 | Reverting back changes we made in the Security Advisory under "Affected Products and Remediation" section wrt PowerProtect DP Series Appliance (IDPA) Product |
| 4.0 | 2023-11-15 | Added point 1 under "Additional Info" section for PowerProtect DP Series Appliance/IDPA product |
| 5.0 | 2023-12-21 | Added "PowerProtect DP Series Appliance (IDPA)" under "Affected Products and Remediation" section. Also, updated point 1 under "Additional Info" section with a Link to PowerProtect DP Series Installation and Upgrade guide |
Related Information
Legal Disclaimer
Affected Products
PowerProtect Data Protection Appliance, Data Protection Advisor, PowerProtect Data Protection Software, Integrated Data Protection Appliance Family, Integrated Data Protection Appliance Software, Product Security InformationArticle Properties
Article Number: 000217769
Article Type: Dell Security Advisory
Last Modified: 09 Sept 2025
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.