Skip to main content
Sign Out

Welcome to Dell

My Account
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.
Sign In Create an Account Dell Financial Services Premier Sign In Partner Program Sign In
Contact Us

Your Dell.com Carts

Article Number: 000223304

DSA-2024-145: Dell Technologies PowerProtect DD Management Center with SmartScale Feature Security Update for multiple security Vulnerabilities

Summary: Dell Technologies PowerProtect DD Management Center with SmartScale Feature remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system. ...

Article Content

Impact

Critical

Details

Third-Party Component

CVEs

More Information

curl

CVE-2023-23916, CVE-2022-43552, CVE-2022-35252, CVE-2022-32221, CVE-2022-32208, CVE-2022-32207, CVE-2023-32001

See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/  This hyperlink is taking you to a website outside of Dell Technologies.

util-linux

CVE-2018-7738

See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/  This hyperlink is taking you to a website outside of Dell Technologies.

Vim, vim-data-common

CVE-2023-2426, CVE-2023-2609, CVE-2023-2610, CVE-2023-1264, CVE-2023-1355

See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/  This hyperlink is taking you to a website outside of Dell Technologies.

postgresql12

CVE-2023-2455, CVE-2023-2454

See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/  This hyperlink is taking you to a website outside of Dell Technologies.

libwebp7

CVE-2023-1999

See NVD link below for individual scores for each CVE. 
https://nvd.nist.gov/  This hyperlink is taking you to a website outside of Dell Technologies.

dbus

CVE-2023-34969

See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/  This hyperlink is taking you to a website outside of Dell Technologies.

libopenssl1_1, openssl1_1 

CVE-2023-2650, CVE-2023-3446, CVE-2023-3817

See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/  This hyperlink is taking you to a website outside of Dell Technologies.

postgresql15

CVE-2023-39417, CVE-2023-39418, CVE-2023-2454, CVE-2023-2455

See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/  This hyperlink is taking you to a website outside of Dell Technologies.

gawk 

CVE-2023-4156 

See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/  This hyperlink is taking you to a website outside of Dell Technologies.

OpenSSH

CVE-2023-38408

See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/  This hyperlink is taking you to a website outside of Dell Technologies.

ernel

CVE-2022-40982, CVE-2023-0459, CVE-2023-20569, CVE-2023-3567, CVE-2023-3609, CVE-2023-3611, CVE-2023-3776, CVE-2022-3566, CVE-2022-45884, CVE-2022-45885, CVE-2022-45886, CVE-2022-45887, CVE-2022-45919, CVE-2023-1380, CVE-2023-2176, CVE-2023-2194, CVE-2023-2269, CVE-2023-2513, CVE-2023-28466, CVE-2023-31084, CVE-2023-31436, CVE-2023-32269

See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/  This hyperlink is taking you to a website outside of Dell Technologies.

Pcre2

CVE-2022-41409

See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/  This hyperlink is taking you to a website outside of Dell Technologies.

docker

CVE-2023-28840, CVE-2023-28841, CVE-2023-28842

See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/  This hyperlink is taking you to a website outside of Dell Technologies.

libcap2

CVE-2023-2603

See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/  This hyperlink is taking you to a website outside of Dell Technologies.

ucode-intel

CVE-2022-33972

See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/  This hyperlink is taking you to a website outside of Dell Technologies.

supportutils 

CVE-2022-45154

See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/  This hyperlink is taking you to a website outside of Dell Technologies.

ntp

CVE-2023-26551, CVE-2023-26552, CVE-2023-26553, CVE-2023-26554

See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/  This hyperlink is taking you to a website outside of Dell Technologies.

opensc

CVE-2023-2977

See NVD link below for individual scores for each CVE. https://nvd.nist.gov/  This hyperlink is taking you to a website outside of Dell Technologies.

openldap2

CVE-2023-2953

See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/  This hyperlink is taking you to a website outside of Dell Technologies.

tiff

CVE-2023-0795, CVE-2023-0796, CVE-2023-0797, CVE-2023-0798, CVE-2023-0799, CVE-2023-0800, CVE-2023-0801, CVE-2023-0802, CVE-2023-0803, CVE-2023-0804

See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/  This hyperlink is taking you to a website outside of Dell Technologies.

cups

CVE-2023-32324

See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/  This hyperlink is taking you to a website outside of Dell Technologies.

python36

CVE-2007-4559

See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/  This hyperlink is taking you to a website outside of Dell Technologies.

perl

CVE-2023-31486

See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/  This hyperlink is taking you to a website outside of Dell Technologies.

libX11

CVE-2023-3138

See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/  This hyperlink is taking you to a website outside of Dell Technologies.

krb5

CVE-2023-36054

See NVD link below for individual scores for each CVE.https://nvd.nist.gov/  This hyperlink is taking you to a website outside of Dell Technologies.

libpq5

CVE-2023-2455, CVE-2023-2454

See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/  This hyperlink is taking you to a website outside of Dell Technologies.

gnu binutils

CVE-2023-1972, CVE-2023-1579, CVE-2022-4285, CVE-2022-38533

See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/  This hyperlink is taking you to a website outside of Dell Technologies.

urllib

CVE-2021-33503, CVE-2020-26137, CVE-2019-11324, CVE-2019-11236

See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/  This hyperlink is taking you to a website outside of Dell Technologies.

libxml2

CVE-2023-29469, CVE-2023-28484, CVE-2022-40304, CVE-2022-40303

See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/  This hyperlink is taking you to a website outside of Dell Technologies.

python-wheel

CVE-2022-40898

See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/  This hyperlink is taking you to a website outside of Dell Technologies.

cloud-init

CVE-2023-1786

See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/  This hyperlink is taking you to a website outside of Dell Technologies.

python-certifi

CVE-2022-23491

See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/  This hyperlink is taking you to a website outside of Dell Technologies.

OpenSSL

CVE-2022-4304

See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/  This hyperlink is taking you to a website outside of Dell Technologies.

Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products and Remediation

Product 

Software/Firmware 

Affected Versions 

Remediated Versions 

Link 

Dell PowerProtect DD Management Center with SmartScale feature

Dell PowerProtect DD Management Center with SmartScale feature

Versions 7.8 through 7.12

Version 7.13.0.10 or later

See link for more details about DDMC versions available for download (requires log in to Dell Support to view article)

Dell PowerProtect DD Management Center with SmartScale feature

Dell PowerProtect DD Management Center with SmartScale feature LTS2023 7.10

Versions 7.10.1.0 through 7.10.1.15

Version 7.10.1.20 or later

See link for more details about DDMC versions available for download (requires log in to Dell Support to view article)

Product 

Software/Firmware 

Affected Versions 

Remediated Versions 

Link 

Dell PowerProtect DD Management Center with SmartScale feature

Dell PowerProtect DD Management Center with SmartScale feature

Versions 7.8 through 7.12

Version 7.13.0.10 or later

See link for more details about DDMC versions available for download (requires log in to Dell Support to view article)

Dell PowerProtect DD Management Center with SmartScale feature

Dell PowerProtect DD Management Center with SmartScale feature LTS2023 7.10

Versions 7.10.1.0 through 7.10.1.15

Version 7.10.1.20 or later

See link for more details about DDMC versions available for download (requires log in to Dell Support to view article)

Note: PowerProtect DD Management Center (DDMC) can be upgraded independent of other types PowerProtect DD systems. To remediate the vulnerabilities mentioned in this DSA, customers can choose to only upgrade DDMC. More details can be found in the release notes.

For more details about DDOS versions available for download, see the links below (requires log in to Dell Support to view articles): 

Please also see:  

Revision History

Revision

Date

Description

1.0

2024-03-19

Initial Release

2.02024-03-21Updated "Affected Product" section under "Article Properties"
3.02024-03-22Updated "Affected Products and Remediation Table" section for Affected Versions for software Dell PowerProtect DD Management Center with SmartScale feature LTS2023 7.10 from 7.10.1.20 to correct version 7.10.1.15 
Corrected Revision 2 Date from 2024-03-24 to correct date of submission 2024-03-21

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Legal Information

Article Properties

Affected Product

Data Domain, Data Domain, PowerProtect Data Domain Management Center

Last Published Date

22 Mar 2024

Version

3

Article Type

Dell Security Advisory

Back to Top