DSN-2022-002: Dell Response to OpenSSL CVE-2022-3602 and CVE-2022-3786 Vulnerability Disclosure

Summary: Dell assessment of the OpenSSL library vulnerabilities CVE-2022-3602 and CVE-2022-3786

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Security Article Type

Security KB

CVE Identifier

CVE-2022-3602, CVE-2022-3786

Issue Summary

OpenSSL Publication: https://www.openssl.org/news/secadv/20221101.txt
CVE Reference: CVE-2022-3602, CVE-2022-3786

Details

Dell has reviewed the OpenSSL vulnerabilities tracked in CVE-2022-3602 and CVE-2022-3786 which impacts OpenSSL versions 3.0.0 to 3.0.6. The issues tracked in CVE-2022-3602 and CVE-2022-3786 do not impact OpenSSL 1.1.1 and 1.0.2. The security of our products and network is a top priority and critical to protecting our customers.

The following Security Advisory provides remediation details for the products impacted by these vulnerabilities:

You can subscribe to be notified of our Security Alerts when new Security Advisories are posted by following the guidance in Dell KB article 113250: How to subscribe to Dell Technical Advisories (DTAs) and Dell Security Advisories (DSAs), or by following the directions in the Security Alerts section on the Security Advisories and Notices page.

Recommendations

Customers are encouraged to follow security best practices, including those recommended by OpenSSL and continue to monitor this notice for updated information as it becomes available.

Legal Disclaimer

Affected Products

Product Security Information
Article Properties
Article Number: 000204898
Article Type: Security KB
Last Modified: 26 Jan 2023
Version:  2
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.