Skip to main content
Sign Out

Welcome to Dell

My Account
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.
Sign In Create an Account Dell Financial Services Premier Sign In Partner Program Sign In
Contact Us

Your Dell.com Carts

Article Number: 000218604

DSA-2023-349 : Security Update for Dell Unity Family, Dell EMC Unity All Flash for Multiple Component Vulnerabilities

Summary: Dell Unity Family, Dell EMC Unity All Flash remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

Article Content

Impact

Critical

Details

Third-party Component CVEs More Information
Libtasn1 CVE-2021-46848 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
 
Libksba8 CVE-2022-3515 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
sudo CVE-2022-43995 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
supportutils CVE-2018-19639 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
bind-utils CVE-2022-38178 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
libcurl4 CVE-2022-27782 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
gnutls CVE-2022-2509 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
cyrus-sasl CVE-2019-19906 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
vim CVE-2022-3234 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
telnet CVE-2022-39028 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
libxml2 CVE-2022-40304, CVE-2022-40303, CVE-2016-3709 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
expat CVE-2022-40674, CVE-2022-43680 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
zlib CVE-2022-37434 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
multipath-tools CVE-2022-41974 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
sysuser-shadow CVE-2020-8616 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
rsync CVE-2022-29154 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
LibTIFF5 CVE-2022-3970 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
python3 CVE-2022-45061, CVE-2022-37454 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
libpixman CVE-2022-44638 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
postgresql CVE-2022-1552, CVE-2021-23214, CVE-2022-2625, CVE-2021-23222 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
Apache HTTP Server CVE-2023-25690 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
containerd  CVE-2022-23471 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
krb5 CVE-2021-37750, CVE-2022-42898 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
libfreetype6 CVE-2022-27404, CVE-2022-27405, CVE-2022-27406 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
GnuPG CVE-2022-34903 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
python2/3-PyYAML CVE-2020-1747 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
logrotate CVE-2021-3864 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
python CVE-2021-28861 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
csync2 CVE-2019-15522, CVE-2019-15523 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
Oracle Java SE CVE-2023-21930, CVE-2023-21954, CVE-2023-21939, CVE-2023-25193, CVE-2023-22051, CVE-2023-22049, CVE-2023-22045, CVE-2023-22044, CVE-2023-22043, CVE-2023-22041, CVE-2023-22036, CVE-2023-22006, CVE-2023-21830, CVE-2022-45688 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products and Remediation

CVEs Addressed Product Software/Firmware
 		 Affected Versions Remediated Versions Link
CVE-2021-46848, CVE-2022-3515, CVE-2022-43995, CVE-2018-19639, CVE-2022-38178, CVE-2022-27782, CVE-2022-2509, CVE-2019-19906, CVE-2022-3234, CVE-2022-39028, CVE-2022-40304, CVE-2022-40303, CVE-2016-3709, CVE-2022-40674, CVE-2022-43680, CVE-2022-37434, CVE-2022-41974, CVE-2020-8616, CVE-2022-29154, CVE-2022-3970, CVE-2022-45061, CVE-2022-37454, CVE-2022-44638, CVE-2022-1552, CVE-2021-23214, CVE-2022-2625, CVE-2021-23222, CVE-2023-21930, CVE-2023-21954, CVE-2023-25690, CVE-2022-23471, CVE-2021-37750, CVE-2022-42898, CVE-2022-27404, CVE-2022-27405, CVE-2022-27406, CVE-2022-34903, CVE-2020-1747, CVE-2021-3864, CVE-2021-28861, CVE-2019-15522, CVE-2019-15523, CVE-2023-25193, CVE-2023-22051, CVE-2023-22049, CVE-2023-22045, CVE-2023-22044, CVE-2023-22043, CVE-2023-22041, CVE-2023-22036, CVE-2023-22006, CVE-2023-21830, CVE-2022-45688 Dell Unity Family, Dell EMC Unity All Flash Dell Unity Operating Environment (OE) Versions prior to 5.3.1 5.3.1.0.5.008 https://www.dell.com/support/home/product-support/product/unity-all-flash-family/drivers
CVEs Addressed Product Software/Firmware
 		 Affected Versions Remediated Versions Link
CVE-2021-46848, CVE-2022-3515, CVE-2022-43995, CVE-2018-19639, CVE-2022-38178, CVE-2022-27782, CVE-2022-2509, CVE-2019-19906, CVE-2022-3234, CVE-2022-39028, CVE-2022-40304, CVE-2022-40303, CVE-2016-3709, CVE-2022-40674, CVE-2022-43680, CVE-2022-37434, CVE-2022-41974, CVE-2020-8616, CVE-2022-29154, CVE-2022-3970, CVE-2022-45061, CVE-2022-37454, CVE-2022-44638, CVE-2022-1552, CVE-2021-23214, CVE-2022-2625, CVE-2021-23222, CVE-2023-21930, CVE-2023-21954, CVE-2023-25690, CVE-2022-23471, CVE-2021-37750, CVE-2022-42898, CVE-2022-27404, CVE-2022-27405, CVE-2022-27406, CVE-2022-34903, CVE-2020-1747, CVE-2021-3864, CVE-2021-28861, CVE-2019-15522, CVE-2019-15523, CVE-2023-25193, CVE-2023-22051, CVE-2023-22049, CVE-2023-22045, CVE-2023-22044, CVE-2023-22043, CVE-2023-22041, CVE-2023-22036, CVE-2023-22006, CVE-2023-21830, CVE-2022-45688 Dell Unity Family, Dell EMC Unity All Flash Dell Unity Operating Environment (OE) Versions prior to 5.3.1 5.3.1.0.5.008 https://www.dell.com/support/home/product-support/product/unity-all-flash-family/drivers

Revision History

Revision DateDescription
1.02023-10-16Initial Release

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Legal Information

Article Properties

Affected Product
Dell EMC Unity, Dell Unity 450F DC, Product Security Information, Dell Unity 300, Dell Unity 300 DC, Dell EMC Unity 300F, Dell EMC Unity 350F, Dell Unity 350F DC, Dell EMC Unity XT 380, Dell EMC Unity XT 380F, Dell EMC Unity 400, Dell Unity 400 DC , Dell EMC Unity 400F, Dell EMC Unity 450F, Dell EMC Unity XT 480, Dell EMC Unity XT 480F, Dell EMC Unity 500, Dell EMC Unity 500F, Dell EMC Unity 550F, Dell EMC Unity 600, Dell EMC Unity 600F, Dell EMC Unity 650F, Dell EMC Unity XT 680, Dell EMC Unity XT 680F, Dell EMC Unity XT 880, Dell EMC Unity XT 880F, Unity All Flash, Dell EMC Unity Family |Dell EMC Unity All Flash, Dell EMC Unity Family, Dell EMC Unity Hybrid, Unity Hybrid flash, Dell Unity Operating Environment (OE), UnityVSA, Dell EMC UnityVSA Professional Edition/Unity Cloud Edition ...
Last Published Date

16 Oct 2023

Version

2

Article Type

Dell Security Advisory

Back to Top