Skip to main content
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.

Article Number: 000225925


DSA-2024-268: Security Update for Dell Repository Manager Vulnerability

Summary: Dell Repository Manager remediation is available for a Outdated Components vulnerability that could be exploited by malicious users to compromise the affected system.

Article Content


Impact

High

Details

Third-party Component  CVEs  More Information 
Java OpenJDK CVE-2024-20918, CVE-2024-20945, CVE-2024-20952, CVE-2024-20926, CVE-2024-20919, CVE-2024-20921, CVE-2023-22081, CVE-2023-22041, CVE-2023-22049, CVE-2023-22045, CVE-2023-22006, CVE-2023-22036, CVE-2023-21954, CVE-2023-21968, CVE-2023-21939, CVE-2023-21937, CVE-2023-21930, CVE-2023-21967, CVE-2023-21938, CVE-2023-21843, CVE-2023-21835, CVE-2022-21628, CVE-2022-21619, CVE-2022-39399, CVE-2022-21626 See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products and Remediation

Product  Affected Versions  Remediated Versions  Link 
Dell Repository Manager  Version 3.4.4  Version 3.4.5 Dell Repository Manager, v3.4.5 | Driver Details | Dell US
Product  Affected Versions  Remediated Versions  Link 
Dell Repository Manager  Version 3.4.4  Version 3.4.5 Dell Repository Manager, v3.4.5 | Driver Details | Dell US
No action required from the customer if DRM-3.4.5 is already installed either by the customer. However, we recommend following the workaround mentioned above.

Workarounds and Mitigations

CVE ID Workaround and Mitigation
CVE-2024-20918, CVE-2024-20945, CVE-2024-20952, CVE-2024-20926, CVE-2024-20919, CVE-2024-20921, CVE-2023-22081, CVE-2023-22041, CVE-2023-22049, CVE-2023-22045, CVE-2023-22006, CVE-2023-22036, CVE-2023-21954, CVE-2023-21968, CVE-2023-21939, CVE-2023-21937, CVE-2023-21930, CVE-2023-21967, CVE-2023-21938, CVE-2023-21843, CVE-2023-21835, CVE-2022-21628, CVE-2022-21619, CVE-2022-39399, CVE-2022-21626 Java OpenJDK 21 version is updated

Revision History

RevisionDateDescription
1.02024-06-10Initial release

Related Information


Article Properties


Affected Product
Dell Repository Manager Version 2.1, Dell Repository Manager Version 2.2, Dell Repository Manager Version 1.0, Dell Repository Manager Version 1.1, Dell Repository Manager Version 1.2, Dell Repository Manager Version 1.3 , Dell Repository Manager Version 1.4, Dell Repository Manager Version 1.5, Dell Repository Manager Version 1.6, Dell Repository Manager Version 1.7, Dell Repository Manager Version 1.8, Dell Repository Manager Version 1.9, Dell Repository Manager Version 2.0 ...
Last Published Date

10 Jun 2024

Article Type

Dell Security Advisory