DSA-2022-263: Dell ECS Security Update for Multiple Third-Party Component Vulnerabilities

Summary: Dell ECS 3.7.0.3 remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system.

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Impact

Critical

Details

Third-party Component CVE IDs Details
Apache2 CVE-2022-26377 https://suse.com/security/cve/CVE-2022-26377
CVE-2022-28614 https://suse.com/security/cve/CVE-2022-28614
CVE-2022-28615 https://suse.com/security/cve/CVE-2022-28615
CVE-2022-29404 https://suse.com/security/cve/CVE-2022-29404
CVE-2022-30522 https://suse.com/security/cve/CVE-2022-30522
CVE-2022-30556 https://suse.com/security/cve/CVE-2022-30556
CVE-2022-31813 https://suse.com/security/cve/CVE-2022-31813
dnsmasq CVE-2021-3448 https://suse.com/security/cve/CVE-2021-3448
CVE-2022-0934 https://suse.com/security/cve/CVE-2022-0934
e2fsprogs CVE-2022-1304 https://suse.com/security/cve/CVE-2022-1304
git CVE-2022-24765 https://suse.com/security/cve/CVE-2022-24765
gzip CVE-2022-1271 https://suse.com/security/cve/CVE-2022-1271
libldap CVE-2022-29155 https://suse.com/security/cve/CVE-2022-29155
libpcre CVE-2022-1586 https://suse.com/security/cve/CVE-2022-1586
OpenSSL CVE-2022-1292 https://suse.com/security/cve/CVE-2022-1292
CVE-2022-2068 https://suse.com/security/cve/CVE-2022-2068
python-paramiko CVE-2022-24302 https://suse.com/security/cve/CVE-2022-24302
SUSE SLES12 Security Update SUSE-SU-2022:1308-1 Security Update Announcement SUSE-SE-2022:1308-1
SUSE-SU-2022:1833-1 Security Update Announcement SUSE-SE-2022:1833-1
SUSE-SU-2022:2166-1 Security Update Announcement SUSE-SE-2022:2166-1
Third-party Component CVE IDs Details
Apache2 CVE-2022-26377 https://suse.com/security/cve/CVE-2022-26377
CVE-2022-28614 https://suse.com/security/cve/CVE-2022-28614
CVE-2022-28615 https://suse.com/security/cve/CVE-2022-28615
CVE-2022-29404 https://suse.com/security/cve/CVE-2022-29404
CVE-2022-30522 https://suse.com/security/cve/CVE-2022-30522
CVE-2022-30556 https://suse.com/security/cve/CVE-2022-30556
CVE-2022-31813 https://suse.com/security/cve/CVE-2022-31813
dnsmasq CVE-2021-3448 https://suse.com/security/cve/CVE-2021-3448
CVE-2022-0934 https://suse.com/security/cve/CVE-2022-0934
e2fsprogs CVE-2022-1304 https://suse.com/security/cve/CVE-2022-1304
git CVE-2022-24765 https://suse.com/security/cve/CVE-2022-24765
gzip CVE-2022-1271 https://suse.com/security/cve/CVE-2022-1271
libldap CVE-2022-29155 https://suse.com/security/cve/CVE-2022-29155
libpcre CVE-2022-1586 https://suse.com/security/cve/CVE-2022-1586
OpenSSL CVE-2022-1292 https://suse.com/security/cve/CVE-2022-1292
CVE-2022-2068 https://suse.com/security/cve/CVE-2022-2068
python-paramiko CVE-2022-24302 https://suse.com/security/cve/CVE-2022-24302
SUSE SLES12 Security Update SUSE-SU-2022:1308-1 Security Update Announcement SUSE-SE-2022:1308-1
SUSE-SU-2022:1833-1 Security Update Announcement SUSE-SE-2022:1833-1
SUSE-SU-2022:2166-1 Security Update Announcement SUSE-SE-2022:2166-1
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products & Remediation

Product Affected Versions Updated Version Remediation
Dell ECS 3.1.x.x, 3.2.x.x, 3.3.x.x, 3.4.x.x, 3.5.x.x, 3.6.x.x, and 3.7.x.x ECS 3.7.0.3 Dell Technologies recommends that all customers upgrade their ECS systems at the earliest opportunity by opening an "Operating Environment Upgrade" Service Request.
Product Affected Versions Updated Version Remediation
Dell ECS 3.1.x.x, 3.2.x.x, 3.3.x.x, 3.4.x.x, 3.5.x.x, 3.6.x.x, and 3.7.x.x ECS 3.7.0.3 Dell Technologies recommends that all customers upgrade their ECS systems at the earliest opportunity by opening an "Operating Environment Upgrade" Service Request.

Revision History

RevisionDateDescription
1.02022-09-15Initial Release

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Legal Disclaimer

Affected Products

ECS Appliance Hardware Gen3 EX5000, ECS Appliance, ECS Appliance Gen 2, ECS Appliance Gen 3, ECS Appliance Hardware Gen3 EX300, ECS Appliance Hardware Gen3 EX3000, ECS Appliance Hardware Gen2 C-Series, ECS Appliance Hardware Gen2 D-Series , ECS Appliance Hardware Gen2 U-Series, ECS Appliance Hardware Gen3 EX500, ECS Appliance Hardware Gen3 EXF900, ECS Appliance Software with Encryption, ECS Appliance Software without Encryption, Elastic Cloud Storage, Product Security Information ...
Article Properties
Article Number: 000203441
Article Type: Dell Security Advisory
Last Modified: 22 Sep 2022
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.