Skip to main content
Sign Out

Welcome to Dell

My Account
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.
Sign In Create an Account Dell Financial Services Premier Sign In Partner Program Sign In
Contact Us

Your Dell.com Carts

Article Number: 000217202

DSA-2023-298: Security update for Dell ECS 3.8.0.3 Multiple vulnerabilities.

Summary: Dell ECS 3.8.0.3 remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

Article Content

Impact

Critical

Details

Third-Party Component CVE’s More Information
apache2 CVE-2022-36760, CVE-2022-37436, CVE-2023-25690 See SUSE link below for each CVE. 
https://www.suse.comThis hyperlink is taking you to a website outside of Dell Technologies.
binutils CVE-2019-1010204, CVE-2021-3530, CVE-2021-3648, CVE-2021-3826, CVE-2021-45078, CVE-2021-46195, CVE-2022-27943, CVE-2022-38126, CVE-2022-38127, CVE-2022-38533 See SUSE link below for each CVE. 
https://www.suse.comThis hyperlink is taking you to a website outside of Dell Technologies.
Containerd CVE-2021-41089, CVE-2021-41092, CVE-2021-41103, CVE-2022-29162, CVE-2022-31030, CVE-2022-23471, CVE-2022-27191, CVE-2023-25153, CVE-2023-25173 See SUSE link below for each CVE. 
https://www.suse.comThis hyperlink is taking you to a website outside of Dell Technologies.
curl CVE-2023-27534, CVE-2023-27535, CVE-2023-27536, CVE-2023-27538, CVE-2023-28320, CVE-2023-28321, CVE-2023-28322, CVE-2022-43552, CVE-2023-23916, CVE-2023-27533 See SUSE link below for each CVE. 
https://www.suse.comThis hyperlink is taking you to a website outside of Dell Technologies.
dbus CVE-2022-42010, CVE-2022-42011, CVE-2022-42012 See SUSE link below for each CVE. 
https://www.suse.comThis hyperlink is taking you to a website outside of Dell Technologies.
dmidecode CVE-2023-30630 See SUSE link below for each CVE. 
https://www.suse.comThis hyperlink is taking you to a website outside of Dell Technologies.
docker CVE-2019-5736, CVE-2022-36109 See SUSE link below for each CVE. 
https://www.suse.comThis hyperlink is taking you to a website outside of Dell Technologies.
emacs CVE-2022-45939, CVE-2022-48337, CVE-2022-48339 See SUSE link below for each CVE. 
https://www.suse.comThis hyperlink is taking you to a website outside of Dell Technologies.
expat CVE-2022-43680 See SUSE link below for each CVE. 
https://www.suse.comThis hyperlink is taking you to a website outside of Dell Technologies.
git CVE-2023-25652, CVE-2023-25815, CVE-2023-29007 See SUSE link below for each CVE. 
https://www.suse.comThis hyperlink is taking you to a website outside of Dell Technologies.
git-.i26 CVE-2022-23521, CVE-2022-41903, CVE-2023-22490, CVE-2023-23946 See SUSE link below for each CVE. 
https://www.suse.comThis hyperlink is taking you to a website outside of Dell Technologies.
glibc CVE-2015-8985 See SUSE link below for each CVE. 
https://www.suse.comThis hyperlink is taking you to a website outside of Dell Technologies.
 
grub2 CVE-2022-2601, CVE-2022-3775 See SUSE link below for each CVE. 
https://www.suse.comThis hyperlink is taking you to a website outside of Dell Technologies.
 
java CVE-2022-21540, CVE-2022-21541, CVE-2022-21549, CVE-2022-34169, CVE-2022-21618, CVE-2022-21619, CVE-2022-21624, CVE-2022-21626, CVE-2022-21628, CVE-2022-39399, CVE-2023-21830, CVE-2023-21835, CVE-2023-21843, CVE-2023-21930, CVE-2023-21937, CVE-2023-21938, CVE-2023-21939, CVE-2023-21954, CVE-2023-21967, CVE-2023-21968 See SUSE link below for each CVE. 
https://www.suse.comThis hyperlink is taking you to a website outside of Dell Technologies.
 
Kernel CVE-2019-19377, CVE-2020-26541, CVE-2021-4157, CVE-2022-1184, CVE-2022-1679, CVE-2022-1729, CVE-2022-1974, CVE-2022-1975, CVE-2022-20132, CVE-2022-20141, CVE-2022-20154, CVE-2022-21499, CVE-2022-2318, CVE-2022-26365, CVE-2022-29900, CVE-2022-29901, CVE-2022-33740, CVE-2022-33741, CVE-2022-33742, CVE-2022-33981, CVE-2021-26341, CVE-2021-33655, CVE-2021-33656, CVE-2022-1462, CVE-2020-36516, CVE-2020-36557, CVE-2020-36558, CVE-2021-4203, CVE-2022-20166, CVE-2022-20368, CVE-2022-20369, CVE-2022-21385, CVE-2022-2588, CVE-2022-26373, CVE-2022-2639, CVE-2022-2977, CVE-2022-3028, CVE-2022-36879, CVE-2022-36946, CVE-2022-2503, CVE-2022-2663, CVE-2022-3239, CVE-2022-39188, CVE-2022-41218, CVE-2021-4037, CVE-2022-2153, CVE-2022-28693, CVE-2022-28748, CVE-2022-2964, CVE-2022-3169, CVE-2022-3424, CVE-2022-3521, CVE-2022-3524, CVE-2022-3542, CVE-2022-3545, CVE-2022-3565, CVE-2022-3567, CVE-2022-3586, CVE-2022-3594, CVE-2022-3621, CVE-2022-3628, CVE-2022-3629, CVE-2022-3635, CVE-2022-3643, CVE-2022-3646, CVE-2022-3649, CVE-2022-3903, CVE-2022-40307, CVE-2022-40768, CVE-2022-4095, CVE-2022-41848, CVE-2022-41850, CVE-2022-41858, CVE-2022-42328, CVE-2022-42329, CVE-2022-42703, CVE-2022-42895, CVE-2022-42896, CVE-2022-43750, CVE-2022-4378, CVE-2022-43945, CVE-2022-45934, CVE-2022-3564, CVE-2022-4662, CVE-2022-47929, CVE-2023-23454, CVE-2022-2991, CVE-2022-4129, CVE-2022-36280, CVE-2022-38096, CVE-2023-0045, CVE-2023-0590, CVE-2023-23559, CVE-2023-26545, CVE-2017-5753, CVE-2020-36691, CVE-2021-3923, CVE-2022-20567, CVE-2023-0597, CVE-2023-1076, CVE-2023-1095, CVE-2023-1118, CVE-2023-1390, CVE-2023-1513, CVE-2023-1611, CVE-2023-1670, CVE-2023-1855, CVE-2023-1989, CVE-2023-1990, CVE-2023-1998, CVE-2023-2124, CVE-2023-2162, CVE-2023-23455, CVE-2023-2483, CVE-2023-28328, CVE-2023-28464, CVE-2023-28772, CVE-2023-30772, CVE-2023-0394 See SUSE link below for each CVE. 
https://www.suse.comThis hyperlink is taking you to a website outside of Dell Technologies.
krb CVE-2022-42898 See SUSE link below for each CVE. 
https://www.suse.comThis hyperlink is taking you to a website outside of Dell Technologies.
libapr CVE-2022-25147 See SUSE link below for each CVE. 
https://www.suse.comThis hyperlink is taking you to a website outside of Dell Technologies.
libksba CVE-2022-3515, CVE-2022-47629 See SUSE link below for each CVE. 
https://www.suse.comThis hyperlink is taking you to a website outside of Dell Technologies.
libpixman CVE-2022-44638 See SUSE link below for each CVE. 
https://www.suse.comThis hyperlink is taking you to a website outside of Dell Technologies.
libtiff CVE-2022-0561, CVE-2022-2519, CVE-2022-2520, CVE-2022-2521, CVE-2022-2867, CVE-2022-2868, CVE-2022-2869, CVE-2022-34266, CVE-2022-34526, CVE-2022-3599, CVE-2022-3626, CVE-2022-3627, CVE-2022-3970, CVE-2022-48281, CVE-2022-3597 See SUSE link below for each CVE. 
https://www.suse.comThis hyperlink is taking you to a website outside of Dell Technologies.
libtripc CVE-2021-46828 See SUSE link below for each CVE. 
https://www.suse.comThis hyperlink is taking you to a website outside of Dell Technologies.
libtsin1 CVE-2021-46848 See SUSE link below for each CVE. 
https://www.suse.comThis hyperlink is taking you to a website outside of Dell Technologies.
libxml2 CVE-2016-3709, CVE-2022-40303, CVE-2022-40304 See SUSE link below for each CVE. 
https://www.suse.comThis hyperlink is taking you to a website outside of Dell Technologies.
libxslt CVE-2021-30560 See SUSE link below for each CVE. 
https://www.suse.comThis hyperlink is taking you to a website outside of Dell Technologies.
openssl CVE-2022-4304, CVE-2023-0215, CVE-2023-0286, CVE-2023-0464, CVE-2023-0465, CVE-2023-0466 See SUSE link below for each CVE. 
https://www.suse.comThis hyperlink is taking you to a website outside of Dell Technologies.
python CVE-2022-42969, CVE-2020-25658, CVE-2022-40899, CVE-2023-24329, CVE-2015-2296 See SUSE link below for each CVE. 
https://www.suse.comThis hyperlink is taking you to a website outside of Dell Technologies.
python-urllib3 CVE-2020-26116, CVE-2020-26137, CVE-2021-33503 See SUSE link below for each CVE. 
https://www.suse.comThis hyperlink is taking you to a website outside of Dell Technologies.
runc CVE-2023-25809, CVE-2023-27561, CVE-2023-28642 See SUSE link below for each CVE. 
https://www.suse.comThis hyperlink is taking you to a website outside of Dell Technologies.
 
shadow CVE-2023-29383 See SUSE link below for each CVE. 
https://www.suse.comThis hyperlink is taking you to a website outside of Dell Technologies.
sudo CVE-2023-22809, CVE-2023-28486, CVE-2023-28487 See SUSE link below for each CVE. 
https://www.suse.comThis hyperlink is taking you to a website outside of Dell Technologies.
systemd CVE-2022-3821, CVE-2022-4415, CVE-2023-26604 See SUSE link below for each CVE. 
https://www.suse.comThis hyperlink is taking you to a website outside of Dell Technologies.
telnet CVE-2022-39028 See SUSE link below for each CVE. 
https://www.suse.comThis hyperlink is taking you to a website outside of Dell Technologies.
ucode CVE-2022-21216, CVE-2022-33196, CVE-2022-38090 See SUSE link below for each CVE. 
https://www.suse.comThis hyperlink is taking you to a website outside of Dell Technologies.
ucode-intel CVE-2022-21233 See SUSE link below for each CVE. 
https://www.suse.comThis hyperlink is taking you to a website outside of Dell Technologies.
vim CVE-2023-1127, CVE-2023-1170, CVE-2023-1175, CVE-2021-3968, CVE-2021-3973, CVE-2021-3778, CVE-2021-3796, CVE-2021-3872, CVE-2021-3875, CVE-2021-3903, CVE-2021-3927, CVE-2021-3928, CVE-2021-3974, CVE-2021-3984, CVE-2021-4019, CVE-2021-4069, CVE-2021-4136, CVE-2021-4166, CVE-2021-4192, CVE-2021-4193, CVE-2022-0128, CVE-2022-0213, CVE-2022-0261, CVE-2022-0318, CVE-2022-0319, CVE-2022-0351, CVE-2022-0359, CVE-2022-0361, CVE-2022-0392, CVE-2022-0407, CVE-2022-0413, CVE-2022-0696, CVE-2022-1897, CVE-2022-2124, CVE-2022-2125, CVE-2022-2126, CVE-2022-2129, CVE-2022-2182, CVE-2022-2183, CVE-2022-2206, CVE-2022-2207, CVE-2022-2208, CVE-2022-2210, CVE-2022-2231, CVE-2022-2257, CVE-2022-2264, CVE-2022-2284, CVE-2022-2286, CVE-2022-2287, CVE-2022-2304, CVE-2022-2343, CVE-2022-2344, CVE-2022-2345, CVE-2022-2522, CVE-2022-2571, CVE-2022-2580, CVE-2022-2581, CVE-2022-2598, CVE-2022-2819, CVE-2022-2980, CVE-2022-3016, CVE-2022-3037, CVE-2022-3099, CVE-2022-3134, CVE-2022-3153, CVE-2022-3234, CVE-2022-3235, CVE-2022-3296, CVE-2022-3297, CVE-2022-3324, CVE-2022-3352, CVE-2022-3491, CVE-2022-3520, CVE-2022-3591, CVE-2022-3705, CVE-2022-4141, CVE-2022-4292, CVE-2022-4293, CVE-2023-0049, CVE-2023-0051, CVE-2023-0054, CVE-2023-0433 See SUSE link below for each CVE. 
https://www.suse.comThis hyperlink is taking you to a website outside of Dell Technologies.

Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products and Remediation

Product Affected Versions Updated Versions Link
Dell ECS Versions prior to 3.8.0.3 ECS 3.8.0.3 Dell Technologies recommends all customers have their ECS systems upgraded at the earliest opportunity by opening a “Operating Environment Upgrade” Service Request.
Product Affected Versions Updated Versions Link
Dell ECS Versions prior to 3.8.0.3 ECS 3.8.0.3 Dell Technologies recommends all customers have their ECS systems upgraded at the earliest opportunity by opening a “Operating Environment Upgrade” Service Request.

Workarounds and Mitigations

None

Revision History

RevisionDateDescription
1.02023-08-31Initial Release

 

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Legal Information

Article Properties

Affected Product

ECS, ECS Appliance, ECS Appliance Software with Encryption, ECS Appliance Software without Encryption, ECS Software

Last Published Date

31 Aug 2023

Version

1

Article Type

Dell Security Advisory

Back to Top