Article Number: 000215200

DSA-2023-227: Dell EMC SRM and Dell EMC Storage Monitoring and Reporting (SMR) Security Update for Multiple Third-Party Component Vulnerabilities

Summary: Dell EMC SRM and Dell EMC SMR remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

Article Content

Impact

Critical

Details

Third-party Component	CVEs	More information
SUSE	CVE-2020-36691, CVE-2022-27774, CVE-2022-43945, CVE-2023-0465, CVE-2023-0466, CVE-2023-0512, CVE-2023-0922, CVE-2023-1127, CVE-2023-1170, CVE-2023-1175, CVE-2023-1611, CVE-2023-1670, CVE-2023-1855, CVE-2023-1981, CVE-2023-1989, CVE-2023-1990, CVE-2023-1998, CVE-2023-2124, CVE-2023-2162, CVE-2023-23931, CVE-2023-2483, CVE-2023-25652, CVE-2023-25815, CVE-2023-26551, CVE-2023-26552, CVE-2023-26553, CVE-2023-26554, CVE-2023-26604, CVE-2023-28319, CVE-2023-28320, CVE-2023-28321, CVE-2023-28322, CVE-2023-28484, CVE-2023-28486, CVE-2023-28487, CVE-2023-29007, CVE-2023-29383, CVE-2023-29469, CVE-2023-29491, CVE-2023-30630, CVE-2023-30772	See Base Score for individual scores for each CVE. https://www.suse.com/security/cve/
MySQL	CVE-2022-37434, CVE-2023-0215, CVE-2022-43551, CVE-2023-21912, CVE-2023-21980, CVE-2023-21963	See NVD link below for individual scores for each CVE. https://nvd.nist.gov/
Java	CVE-2023-21930, CVE-2023-21967, CVE-2023-21954, CVE-2023-21939, CVE-2023-21938, CVE-2023-21968, CVE-2023-21937	See NVD link below for individual scores for each CVE. https://nvd.nist.gov/
Apache Sshd-core	CVE-2021-30129	See NVD link below for individual scores for each CVE. https://nvd.nist.gov/
Apache FileUpload	CVE-2023-24998	See NVD link below for individual scores for each CVE. https://nvd.nist.gov/
Tomcat	CVE-2023-28708	See NVD link below for individual scores for each CVE. https://nvd.nist.gov/

Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products and Remediation

CVEs Addressed	Product	Software/ Firmware	Affected Versions	Remediated Versions	Link
CVE-2020-36691, CVE-2022-27774, CVE-2022-43945, CVE-2023-0465, CVE-2023-0466, CVE-2023-0512, CVE-2023-0922, CVE-2023-1127, CVE-2023-1170, CVE-2023-1175, CVE-2023-1611, CVE-2023-1670, CVE-2023-1855, CVE-2023-1981, CVE-2023-1989, CVE-2023-1990, CVE-2023-1998, CVE-2023-2124, CVE-2023-2162, CVE-2023-23931, CVE-2023-2483, CVE-2023-25652, CVE-2023-25815, CVE-2023-26551, CVE-2023-26552, CVE-2023-26553, CVE-2023-26554, CVE-2023-26604, CVE-2023-28319, CVE-2023-28320, CVE-2023-28321, CVE-2023-28322, CVE-2023-28484, CVE-2023-28486, CVE-2023-28487, CVE-2023-29007, CVE-2023-29383, CVE-2023-29469, CVE-2023-29491, CVE-2023-30630, CVE-2023-30772, CVE-2022-37434, CVE-2023-0215, CVE-2022-43551, CVE-2023-21912, CVE-2023-21980, CVE-2023-21963, CVE-2023-28708, CVE-2023-21930, CVE-2023-21967, CVE-2023-21954, CVE-2023-21939, CVE-2023-21938, CVE-2023-21968, CVE-2023-21937	Dell EMC SRM	Data Domain Operating System	Versions prior to 4.9.1.0	Version 4.9.1.0	https://support.emc.com/downloads/34247_SRM
CVE-2020-36691, CVE-2022-27774, CVE-2022-43945, CVE-2023-0465, CVE-2023-0466, CVE-2023-0512, CVE-2023-0922, CVE-2023-1127, CVE-2023-1170, CVE-2023-1175, CVE-2023-1611, CVE-2023-1670, CVE-2023-1855, CVE-2023-1981, CVE-2023-1989, CVE-2023-1990, CVE-2023-1998, CVE-2023-2124, CVE-2023-2162, CVE-2023-23931, CVE-2023-2483, CVE-2023-25652, CVE-2023-25815, CVE-2023-26551, CVE-2023-26552, CVE-2023-26553, CVE-2023-26554, CVE-2023-26604, CVE-2023-28319, CVE-2023-28320, CVE-2023-28321, CVE-2023-28322, CVE-2023-28484, CVE-2023-28486, CVE-2023-28487, CVE-2023-29007, CVE-2023-29383, CVE-2023-29469, CVE-2023-29491, CVE-2023-30630, CVE-2023-30772, CVE-2022-37434, CVE-2023-0215, CVE-2022-43551, CVE-2023-21912, CVE-2023-21980, CVE-2023-21963, CVE-2023-28708, CVE-2023-21930, CVE-2023-21967, CVE-2023-21954, CVE-2023-21939, CVE-2023-21938, CVE-2023-21968, CVE-2023-21937	Dell EMC SRM Vapp	Data Domain Operating System	Versions prior to 4.9.1.0	Version 4.9.1.0	https://support.emc.com/downloads/34247_SRM
CVE-2020-36691, CVE-2022-27774, CVE-2022-43945, CVE-2023-0465, CVE-2023-0466, CVE-2023-0512, CVE-2023-0922, CVE-2023-1127, CVE-2023-1170, CVE-2023-1175, CVE-2023-1611, CVE-2023-1670, CVE-2023-1855, CVE-2023-1981, CVE-2023-1989, CVE-2023-1990, CVE-2023-1998, CVE-2023-2124, CVE-2023-2162, CVE-2023-23931, CVE-2023-2483, CVE-2023-25652, CVE-2023-25815, CVE-2023-26551, CVE-2023-26552, CVE-2023-26553, CVE-2023-26554, CVE-2023-26604, CVE-2023-28319, CVE-2023-28320, CVE-2023-28321, CVE-2023-28322, CVE-2023-28484, CVE-2023-28486, CVE-2023-28487, CVE-2023-29007, CVE-2023-29383, CVE-2023-29469, CVE-2023-29491, CVE-2023-30630, CVE-2023-30772, CVE-2022-37434, CVE-2023-0215, CVE-2022-43551, CVE-2023-21912, CVE-2023-21980, CVE-2023-21963, CVE-2023-28708, CVE-2023-21930, CVE-2023-21967, CVE-2023-21954, CVE-2023-21939, CVE-2023-21938, CVE-2023-21968, CVE-2023-21937	Dell EMC SMR	Data Domain Operating System	Versions prior to 4.9.1.0	Version 4.9.1.0	https://support.emc.com/downloads/40532_SMR
CVE-2020-36691, CVE-2022-27774, CVE-2022-43945, CVE-2023-0465, CVE-2023-0466, CVE-2023-0512, CVE-2023-0922, CVE-2023-1127, CVE-2023-1170, CVE-2023-1175, CVE-2023-1611, CVE-2023-1670, CVE-2023-1855, CVE-2023-1981, CVE-2023-1989, CVE-2023-1990, CVE-2023-1998, CVE-2023-2124, CVE-2023-2162, CVE-2023-23931, CVE-2023-2483, CVE-2023-25652, CVE-2023-25815, CVE-2023-26551, CVE-2023-26552, CVE-2023-26553, CVE-2023-26554, CVE-2023-26604, CVE-2023-28319, CVE-2023-28320, CVE-2023-28321, CVE-2023-28322, CVE-2023-28484, CVE-2023-28486, CVE-2023-28487, CVE-2023-29007, CVE-2023-29383, CVE-2023-29469, CVE-2023-29491, CVE-2023-30630, CVE-2023-30772, CVE-2022-37434, CVE-2023-0215, CVE-2022-43551, CVE-2023-21912, CVE-2023-21980, CVE-2023-21963, CVE-2023-28708, CVE-2023-21930, CVE-2023-21967, CVE-2023-21954, CVE-2023-21939, CVE-2023-21938, CVE-2023-21968, CVE-2023-21937	Dell EMC SMR Vapp	Data Domain Operating System	Versions prior to 4.9.1.0	4.9.1.0	https://support.emc.com/downloads/40532_SMR

CVEs Addressed	Product	Software/ Firmware	Affected Versions	Remediated Versions	Link
CVE-2020-36691, CVE-2022-27774, CVE-2022-43945, CVE-2023-0465, CVE-2023-0466, CVE-2023-0512, CVE-2023-0922, CVE-2023-1127, CVE-2023-1170, CVE-2023-1175, CVE-2023-1611, CVE-2023-1670, CVE-2023-1855, CVE-2023-1981, CVE-2023-1989, CVE-2023-1990, CVE-2023-1998, CVE-2023-2124, CVE-2023-2162, CVE-2023-23931, CVE-2023-2483, CVE-2023-25652, CVE-2023-25815, CVE-2023-26551, CVE-2023-26552, CVE-2023-26553, CVE-2023-26554, CVE-2023-26604, CVE-2023-28319, CVE-2023-28320, CVE-2023-28321, CVE-2023-28322, CVE-2023-28484, CVE-2023-28486, CVE-2023-28487, CVE-2023-29007, CVE-2023-29383, CVE-2023-29469, CVE-2023-29491, CVE-2023-30630, CVE-2023-30772, CVE-2022-37434, CVE-2023-0215, CVE-2022-43551, CVE-2023-21912, CVE-2023-21980, CVE-2023-21963, CVE-2023-28708, CVE-2023-21930, CVE-2023-21967, CVE-2023-21954, CVE-2023-21939, CVE-2023-21938, CVE-2023-21968, CVE-2023-21937	Dell EMC SRM	Data Domain Operating System	Versions prior to 4.9.1.0	Version 4.9.1.0	https://support.emc.com/downloads/34247_SRM
CVE-2020-36691, CVE-2022-27774, CVE-2022-43945, CVE-2023-0465, CVE-2023-0466, CVE-2023-0512, CVE-2023-0922, CVE-2023-1127, CVE-2023-1170, CVE-2023-1175, CVE-2023-1611, CVE-2023-1670, CVE-2023-1855, CVE-2023-1981, CVE-2023-1989, CVE-2023-1990, CVE-2023-1998, CVE-2023-2124, CVE-2023-2162, CVE-2023-23931, CVE-2023-2483, CVE-2023-25652, CVE-2023-25815, CVE-2023-26551, CVE-2023-26552, CVE-2023-26553, CVE-2023-26554, CVE-2023-26604, CVE-2023-28319, CVE-2023-28320, CVE-2023-28321, CVE-2023-28322, CVE-2023-28484, CVE-2023-28486, CVE-2023-28487, CVE-2023-29007, CVE-2023-29383, CVE-2023-29469, CVE-2023-29491, CVE-2023-30630, CVE-2023-30772, CVE-2022-37434, CVE-2023-0215, CVE-2022-43551, CVE-2023-21912, CVE-2023-21980, CVE-2023-21963, CVE-2023-28708, CVE-2023-21930, CVE-2023-21967, CVE-2023-21954, CVE-2023-21939, CVE-2023-21938, CVE-2023-21968, CVE-2023-21937	Dell EMC SRM Vapp	Data Domain Operating System	Versions prior to 4.9.1.0	Version 4.9.1.0	https://support.emc.com/downloads/34247_SRM
CVE-2020-36691, CVE-2022-27774, CVE-2022-43945, CVE-2023-0465, CVE-2023-0466, CVE-2023-0512, CVE-2023-0922, CVE-2023-1127, CVE-2023-1170, CVE-2023-1175, CVE-2023-1611, CVE-2023-1670, CVE-2023-1855, CVE-2023-1981, CVE-2023-1989, CVE-2023-1990, CVE-2023-1998, CVE-2023-2124, CVE-2023-2162, CVE-2023-23931, CVE-2023-2483, CVE-2023-25652, CVE-2023-25815, CVE-2023-26551, CVE-2023-26552, CVE-2023-26553, CVE-2023-26554, CVE-2023-26604, CVE-2023-28319, CVE-2023-28320, CVE-2023-28321, CVE-2023-28322, CVE-2023-28484, CVE-2023-28486, CVE-2023-28487, CVE-2023-29007, CVE-2023-29383, CVE-2023-29469, CVE-2023-29491, CVE-2023-30630, CVE-2023-30772, CVE-2022-37434, CVE-2023-0215, CVE-2022-43551, CVE-2023-21912, CVE-2023-21980, CVE-2023-21963, CVE-2023-28708, CVE-2023-21930, CVE-2023-21967, CVE-2023-21954, CVE-2023-21939, CVE-2023-21938, CVE-2023-21968, CVE-2023-21937	Dell EMC SMR	Data Domain Operating System	Versions prior to 4.9.1.0	Version 4.9.1.0	https://support.emc.com/downloads/40532_SMR
CVE-2020-36691, CVE-2022-27774, CVE-2022-43945, CVE-2023-0465, CVE-2023-0466, CVE-2023-0512, CVE-2023-0922, CVE-2023-1127, CVE-2023-1170, CVE-2023-1175, CVE-2023-1611, CVE-2023-1670, CVE-2023-1855, CVE-2023-1981, CVE-2023-1989, CVE-2023-1990, CVE-2023-1998, CVE-2023-2124, CVE-2023-2162, CVE-2023-23931, CVE-2023-2483, CVE-2023-25652, CVE-2023-25815, CVE-2023-26551, CVE-2023-26552, CVE-2023-26553, CVE-2023-26554, CVE-2023-26604, CVE-2023-28319, CVE-2023-28320, CVE-2023-28321, CVE-2023-28322, CVE-2023-28484, CVE-2023-28486, CVE-2023-28487, CVE-2023-29007, CVE-2023-29383, CVE-2023-29469, CVE-2023-29491, CVE-2023-30630, CVE-2023-30772, CVE-2022-37434, CVE-2023-0215, CVE-2022-43551, CVE-2023-21912, CVE-2023-21980, CVE-2023-21963, CVE-2023-28708, CVE-2023-21930, CVE-2023-21967, CVE-2023-21954, CVE-2023-21939, CVE-2023-21938, CVE-2023-21968, CVE-2023-21937	Dell EMC SMR Vapp	Data Domain Operating System	Versions prior to 4.9.1.0	4.9.1.0	https://support.emc.com/downloads/40532_SMR

Revision History

Revision	Date	Description
1.0	2023-06-28	Initial Release
2.0	2023-08-29	Updated for enhanced presentation with no changes to content.

Related Information

Legal Information

Article Properties

Affected Product

EMC Storage Monitoring and Reporting, SRM, Storage Monitoring and Reporting, SRM

DSA-2023-227: Dell EMC SRM and Dell EMC Storage Monitoring and Reporting (SMR) Security Update for Multiple Third-Party Component Vulnerabilities

Summary: Dell EMC SRM and Dell EMC SMR remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

Article Content

Impact

Details

Affected Products and Remediation

Revision History

Related Information

Legal Information

Article Properties

Affected Product

Last Published Date

Version

Article Type

Welcome

Welcome to Dell

DSA-2023-227: Dell EMC SRM and Dell EMC Storage Monitoring and Reporting (SMR) Security Update for Multiple Third-Party Component Vulnerabilities

Summary: Dell EMC SRM and Dell EMC SMR remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

Article Content

Impact

Details

Affected Products and Remediation

Revision History

Related Information

Legal Information

Article Properties

Affected Product

Last Published Date

Version

Article Type