DSA-2022-296: Dell PowerProtect Data Manager Update for Multiple Security Vulnerabilities
Resumen: Dell PowerProtect Data Manager remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system.
Este artículo se aplica a
Este artículo no se aplica a
Este artículo no está vinculado a ningún producto específico.
No se identifican todas las versiones del producto en este artículo.
Impacto
Critical
Detalles
Operating System Components CVEs Details:
Third-party Open-Source Components CVEs Details:
| Operating System Components | CVEs | More Information |
| puppet=3.8.5-15.18.1 | CVE-2021-27023 | See NVD (http://nvd.nist.gov/) for individual scores for each CVE. |
| rsyslog-module-gtls=8.2106.0-8.11.2 rsyslog=8.2106.0-8.11.2 |
CVE-2022-24903 | |
| libz1=1.2.11-11.22.1 | CVE-2022-37434 | |
| libvmtools0=12.1.0-4.45.1 open-vm-tools=12.1.0-4.45.1 |
CVE-2022-31676 | |
| libnl-config=3.2.23-4.7.1 libnl3-200=3.2.23-4.7.1 |
CVE-2017-0386 | |
| unzip=6.00-33.16.1 | CVE-2022-0530 | |
| samba-client-libs=4.15.8+git.473.1a1018e0a0b-3.71.2 | CVE-2022-1615 CVE-2022-2031 CVE-2022-32742 CVE-2022-32744 CVE-2022-32745 CVE-2022-32746 | |
| libpcre1=8.45-8.12.1 | CVE-2022-1586 | |
| runc=1.1.3-16.21.1 | CVE-2022-29162 | |
| libpython2_7-1_0=2.7.18-33.11.1 libpython3_4m1_0=3.4.10-25.93.1 python-base=2.7.18-33.11.1 python-xml=2.7.18-33.11.1 python3-base=3.4.10-25.93.1 python3=3.4.10-25.93.1 |
CVE-2015-20107 | |
| rsync=3.1.3-3.9.1 | CVE-2022-29154 | |
| grub2-i386-pc=2.02-143.2 grub2-snapper-plugin=2.02-143.2 grub2-systemd-sleep-plugin=2.02-143.2 grub2=2.02-143.2 |
CVE-2021-3695 CVE-2021-3696 CVE-2021-3697 CVE-2022-28733 CVE-2022-28734 CVE-2022-28736 |
|
| libp11-kit0=0.23.2-8.10.1 p11-kit-tools=0.23.2-8.10.1 p11-kit=0.23.2-8.10.1 |
CVE-2020-29362 | |
| kernel-default=4.12.14-122.133.1 | CVE-2022-21385 CVE-2022-3028 |
|
| containerd=1.6.6-16.62.1 | CVE-2022-31030 | |
| ucode-intel=20220809-3.46.1 | CVE-2022-21233 | |
| libjson-c2=0.12.1-4.3.1 | CVE-2013-6371 CVE-2020-12762 |
|
| perl-HTTP-Daemon=6.01-9.5.1 | CVE-2022-31081 | |
| libopenssl1_1=1.1.1d-2.69.1 | CVE-2022-2097 | |
| libicu52_1-data=52.1-8.13.1 libicu52_1=52.1-8.13.1 |
CVE-2020-21913 | |
| java-11-openjdk-headless=11.0.16.0-3.46.1 | CVE-2022-21540 CVE-2022-21541 CVE-2022-34169 |
|
| libcroco-0_6-3=0.6.11-12.6.45 | CVE-2020-12825 | |
| logrotate=3.11.0-2.20.1 | CVE-2021-3864 | |
| libpq5=14.5-3.14.9 postgresql10-server=10.22-4.31.1 postgresql10=10.22-4.31.1 postgresql14-server=14.5-3.14.9 postgresql14=14.5-3.14.9 |
CVE-2022-2625 | |
| libncurses5=5.9-78.1 libncurses6=5.9-78.1 ncurses-utils=5.9-78.1 terminfo-base=5.9-78.1 terminfo=5.9-78.1 |
CVE-2022-29458 | |
| expat=2.1.0-21.25.1 libexpat1=2.1.0-21.25.1 |
CVE-2022-40674 | |
| cifs-utils=6.9-13.23.1 | CVE-2022-29869 | |
| libpython3_6m1_0=3.6.15-27.1 python36-base=3.6.15-27.1 python36=3.6.15-27.1 |
CVE-2021-28861 | |
| python3-PyJWT=1.5.3-3.16.1 | CVE-2022-29217 | |
| permissions=20170707-6.10.1 | CVE-2022-31252 | |
| curl=7.60.0-11.46.1 libcurl4=7.60.0-11.46.1 |
CVE-2022-35252 | |
| libsqlite3-0=3.39.3-9.23.1 | CVE-2021-36690 CVE-2022-35737 |
|
| libjpeg8=8.1.2-31.28.1 | CVE-2020-35538 | |
| libpcre2-8-0=10.34-1.10.1 | CVE-2022-1587 | |
| gpg2-lang=2.0.24-9.11.1 gpg2=2.0.24-9.11.1 |
CVE-2022-34903 | |
| git-core=2.26.2-27.57.1 | CVE-2022-29187 | |
| libopenssl1_0_0=1.0.2p-3.56.1 openssl-1_0_0=1.0.2p-3.56.1 |
CVE-2022-1292 CVE-2022-2068 |
Third-party Open-Source Components CVEs Details:
Third-party Component |
CVEs | More Information |
|
moment/moment 2.29.3 |
CVE-2022-31129 | See NVD (http://nvd.nist.gov/) for individual scores for each CVE. |
| Passport.js0.5.2 | CVE-2022-25896 | |
| Apache Commons Configuration2.7 | CVE-2022-33980 | |
| Apache Tomcat9.0.64 | CVE-2022-34305 | |
| Spring Framework5.3.21 | CVE-2016-1000027 | |
| gson-2.8.5 | CVE-2022-25647 | |
| jackson-databind-2.10.4 | CVE-2020-25649 CVE-2020-36518 CVE-2020-28491 |
|
| netty-tcnative-boringssl-static-2.0.52.Final | CVE-2011-1797 | |
| netty-transport-4.1.66.Final | CVE-2021-37136 CVE-2021-37137 |
|
| okhttp-2.7.5 | CVE-2021-0341 | |
| postgresql-42.3.5 | CVE-2022-31197 | |
| Reactor RabbitMQ: A reactive API for RabbitMQ1.5.4 | CVE-2021-22116 | |
| snakeyaml-1.28 | CVE-2022-25857 | |
| tomcat-embed-core-9.0.62 | CVE-2022-29885 | |
| logback-classic 1.2.3 | CVE-2021-42550 | |
| Golang | CVE-2022-30629 CVE-2022-30580 CVE-2022-1962 CVE-2022-32148 CVE-2022-30635 CVE-2022-30633 CVE-2022-30632 CVE-2022-30631 CVE-2022-32189 |
Operating System Components CVEs Details:
Third-party Open-Source Components CVEs Details:
| Operating System Components | CVEs | More Information |
| puppet=3.8.5-15.18.1 | CVE-2021-27023 | See NVD (http://nvd.nist.gov/) for individual scores for each CVE. |
| rsyslog-module-gtls=8.2106.0-8.11.2 rsyslog=8.2106.0-8.11.2 |
CVE-2022-24903 | |
| libz1=1.2.11-11.22.1 | CVE-2022-37434 | |
| libvmtools0=12.1.0-4.45.1 open-vm-tools=12.1.0-4.45.1 |
CVE-2022-31676 | |
| libnl-config=3.2.23-4.7.1 libnl3-200=3.2.23-4.7.1 |
CVE-2017-0386 | |
| unzip=6.00-33.16.1 | CVE-2022-0530 | |
| samba-client-libs=4.15.8+git.473.1a1018e0a0b-3.71.2 | CVE-2022-1615 CVE-2022-2031 CVE-2022-32742 CVE-2022-32744 CVE-2022-32745 CVE-2022-32746 | |
| libpcre1=8.45-8.12.1 | CVE-2022-1586 | |
| runc=1.1.3-16.21.1 | CVE-2022-29162 | |
| libpython2_7-1_0=2.7.18-33.11.1 libpython3_4m1_0=3.4.10-25.93.1 python-base=2.7.18-33.11.1 python-xml=2.7.18-33.11.1 python3-base=3.4.10-25.93.1 python3=3.4.10-25.93.1 |
CVE-2015-20107 | |
| rsync=3.1.3-3.9.1 | CVE-2022-29154 | |
| grub2-i386-pc=2.02-143.2 grub2-snapper-plugin=2.02-143.2 grub2-systemd-sleep-plugin=2.02-143.2 grub2=2.02-143.2 |
CVE-2021-3695 CVE-2021-3696 CVE-2021-3697 CVE-2022-28733 CVE-2022-28734 CVE-2022-28736 |
|
| libp11-kit0=0.23.2-8.10.1 p11-kit-tools=0.23.2-8.10.1 p11-kit=0.23.2-8.10.1 |
CVE-2020-29362 | |
| kernel-default=4.12.14-122.133.1 | CVE-2022-21385 CVE-2022-3028 |
|
| containerd=1.6.6-16.62.1 | CVE-2022-31030 | |
| ucode-intel=20220809-3.46.1 | CVE-2022-21233 | |
| libjson-c2=0.12.1-4.3.1 | CVE-2013-6371 CVE-2020-12762 |
|
| perl-HTTP-Daemon=6.01-9.5.1 | CVE-2022-31081 | |
| libopenssl1_1=1.1.1d-2.69.1 | CVE-2022-2097 | |
| libicu52_1-data=52.1-8.13.1 libicu52_1=52.1-8.13.1 |
CVE-2020-21913 | |
| java-11-openjdk-headless=11.0.16.0-3.46.1 | CVE-2022-21540 CVE-2022-21541 CVE-2022-34169 |
|
| libcroco-0_6-3=0.6.11-12.6.45 | CVE-2020-12825 | |
| logrotate=3.11.0-2.20.1 | CVE-2021-3864 | |
| libpq5=14.5-3.14.9 postgresql10-server=10.22-4.31.1 postgresql10=10.22-4.31.1 postgresql14-server=14.5-3.14.9 postgresql14=14.5-3.14.9 |
CVE-2022-2625 | |
| libncurses5=5.9-78.1 libncurses6=5.9-78.1 ncurses-utils=5.9-78.1 terminfo-base=5.9-78.1 terminfo=5.9-78.1 |
CVE-2022-29458 | |
| expat=2.1.0-21.25.1 libexpat1=2.1.0-21.25.1 |
CVE-2022-40674 | |
| cifs-utils=6.9-13.23.1 | CVE-2022-29869 | |
| libpython3_6m1_0=3.6.15-27.1 python36-base=3.6.15-27.1 python36=3.6.15-27.1 |
CVE-2021-28861 | |
| python3-PyJWT=1.5.3-3.16.1 | CVE-2022-29217 | |
| permissions=20170707-6.10.1 | CVE-2022-31252 | |
| curl=7.60.0-11.46.1 libcurl4=7.60.0-11.46.1 |
CVE-2022-35252 | |
| libsqlite3-0=3.39.3-9.23.1 | CVE-2021-36690 CVE-2022-35737 |
|
| libjpeg8=8.1.2-31.28.1 | CVE-2020-35538 | |
| libpcre2-8-0=10.34-1.10.1 | CVE-2022-1587 | |
| gpg2-lang=2.0.24-9.11.1 gpg2=2.0.24-9.11.1 |
CVE-2022-34903 | |
| git-core=2.26.2-27.57.1 | CVE-2022-29187 | |
| libopenssl1_0_0=1.0.2p-3.56.1 openssl-1_0_0=1.0.2p-3.56.1 |
CVE-2022-1292 CVE-2022-2068 |
Third-party Open-Source Components CVEs Details:
Third-party Component |
CVEs | More Information |
|
moment/moment 2.29.3 |
CVE-2022-31129 | See NVD (http://nvd.nist.gov/) for individual scores for each CVE. |
| Passport.js0.5.2 | CVE-2022-25896 | |
| Apache Commons Configuration2.7 | CVE-2022-33980 | |
| Apache Tomcat9.0.64 | CVE-2022-34305 | |
| Spring Framework5.3.21 | CVE-2016-1000027 | |
| gson-2.8.5 | CVE-2022-25647 | |
| jackson-databind-2.10.4 | CVE-2020-25649 CVE-2020-36518 CVE-2020-28491 |
|
| netty-tcnative-boringssl-static-2.0.52.Final | CVE-2011-1797 | |
| netty-transport-4.1.66.Final | CVE-2021-37136 CVE-2021-37137 |
|
| okhttp-2.7.5 | CVE-2021-0341 | |
| postgresql-42.3.5 | CVE-2022-31197 | |
| Reactor RabbitMQ: A reactive API for RabbitMQ1.5.4 | CVE-2021-22116 | |
| snakeyaml-1.28 | CVE-2022-25857 | |
| tomcat-embed-core-9.0.62 | CVE-2022-29885 | |
| logback-classic 1.2.3 | CVE-2021-42550 | |
| Golang | CVE-2022-30629 CVE-2022-30580 CVE-2022-1962 CVE-2022-32148 CVE-2022-30635 CVE-2022-30633 CVE-2022-30632 CVE-2022-30631 CVE-2022-32189 |
Corrección y productos afectados
| Product | Affected Versions | Updated Versions | Link to Update | |
| Dell PowerProtect Data Manager | 19.11 and earlier | 19.12 and later | PowerProtect Data Manager 19.12 drivers and downloads. | |
Note: The above table may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.
| Product | Affected Versions | Updated Versions | Link to Update | |
| Dell PowerProtect Data Manager | 19.11 and earlier | 19.12 and later | PowerProtect Data Manager 19.12 drivers and downloads. | |
Note: The above table may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.
Soluciones alternativas y mitigaciones
Historial de revisiones
| Revision | Date | Description |
| 1.0 | 2022-11-03 | Initial Release |
Información relacionada
Descargo de responsabilidad
Productos afectados
PowerProtect Data Manager, Product Security InformationPropiedades del artículo
Número del artículo: 000204973
Tipo de artículo: Dell Security Advisory
Última modificación: 09 sept 2025
Encuentre respuestas a sus preguntas de otros usuarios de Dell
Servicios de soporte
Compruebe si el dispositivo está cubierto por los servicios de soporte.