DSA-2023-454: Security Update for Dell Cloud Tiering Appliance for Multiple Third-Party Component Vulnerabilities

Resumen: Dell Cloud Tiering Appliance remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

Este artículo se aplica a Este artículo no se aplica a Este artículo no está vinculado a ningún producto específico. No se identifican todas las versiones del producto en este artículo.
Consulte estos recursos

Impacto

High

Detalles

Third-party Component CVEs More Information
bind CVE-2023-3341 CVE-2023-3341 This hyperlink is taking you to a website outside of Dell Technologies.
binutils CVE-2020-19726, CVE-2021-32256, CVE-2022-35205, CVE-2022-35206, CVE-2022-4285, CVE-2022-44840, CVE-2022-45703, CVE-2022-47673, CVE-2022-47695, CVE-2022-47696, CVE-2022-48063, CVE-2022-48064, CVE-2022-48065, CVE-2023-0687, CVE-2023-1579, CVE-2023-1972, CVE-2023-2222, CVE-2023-25585, CVE-2023-25587, CVE-2023-25588 See SUSE link for individual scores for each CVE https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
cups CVE-2023-32360,  CVE-2023-4504 See SUSE link for individual scores for each CVE https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
gcc CVE-2023-4039 CVE-2023-4039 This hyperlink is taking you to a website outside of Dell Technologies.
glibc CVE-2023-4813 CVE-2023-4813 This hyperlink is taking you to a website outside of Dell Technologies.
java-11-openjdk CVE-2023-22006,CVE-2023-22036,CVE-2023-22041,CVE-2023-22044,CVE-2023-22045,CVE-2023-22049,CVE-2023-25193 See SUSE link for individual scores for each CVE https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
kernel-default CVE-2023-3358,CVE-2023-3390,CVE-2023-23455,CVE-2023-23454 See SUSE link for individual scores for each CVE https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
krb5 CVE-2023-36054 CVE-2023-36054 This hyperlink is taking you to a website outside of Dell Technologies.
libnghttp2 CVE-2023-35945 CVE-2023-35945 This hyperlink is taking you to a website outside of Dell Technologies.
open-vm-tools CVE-2023-20867,CVE-2023-20900 See SUSE link for individual scores for each CVE https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
openssl-1_1 CVE-2022-4304,CVE-2023-3446,CVE-2023-3817 See SUSE link for individual scores for each CVE https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
python2 CVE-2023-39615 CVE-2023-39615 This hyperlink is taking you to a website outside of Dell Technologies.
python3 CVE-2023-40217 CVE-2023-40217 This hyperlink is taking you to a website outside of Dell Technologies.
Third-party Component CVEs More Information
bind CVE-2023-3341 CVE-2023-3341 This hyperlink is taking you to a website outside of Dell Technologies.
binutils CVE-2020-19726, CVE-2021-32256, CVE-2022-35205, CVE-2022-35206, CVE-2022-4285, CVE-2022-44840, CVE-2022-45703, CVE-2022-47673, CVE-2022-47695, CVE-2022-47696, CVE-2022-48063, CVE-2022-48064, CVE-2022-48065, CVE-2023-0687, CVE-2023-1579, CVE-2023-1972, CVE-2023-2222, CVE-2023-25585, CVE-2023-25587, CVE-2023-25588 See SUSE link for individual scores for each CVE https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
cups CVE-2023-32360,  CVE-2023-4504 See SUSE link for individual scores for each CVE https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
gcc CVE-2023-4039 CVE-2023-4039 This hyperlink is taking you to a website outside of Dell Technologies.
glibc CVE-2023-4813 CVE-2023-4813 This hyperlink is taking you to a website outside of Dell Technologies.
java-11-openjdk CVE-2023-22006,CVE-2023-22036,CVE-2023-22041,CVE-2023-22044,CVE-2023-22045,CVE-2023-22049,CVE-2023-25193 See SUSE link for individual scores for each CVE https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
kernel-default CVE-2023-3358,CVE-2023-3390,CVE-2023-23455,CVE-2023-23454 See SUSE link for individual scores for each CVE https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
krb5 CVE-2023-36054 CVE-2023-36054 This hyperlink is taking you to a website outside of Dell Technologies.
libnghttp2 CVE-2023-35945 CVE-2023-35945 This hyperlink is taking you to a website outside of Dell Technologies.
open-vm-tools CVE-2023-20867,CVE-2023-20900 See SUSE link for individual scores for each CVE https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
openssl-1_1 CVE-2022-4304,CVE-2023-3446,CVE-2023-3817 See SUSE link for individual scores for each CVE https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
python2 CVE-2023-39615 CVE-2023-39615 This hyperlink is taking you to a website outside of Dell Technologies.
python3 CVE-2023-40217 CVE-2023-40217 This hyperlink is taking you to a website outside of Dell Technologies.
Dell Technologies recomienda que todos los clientes tengan en cuenta tanto la puntuación base como cualquier otra puntuación ambiental y temporal relevante que pueda afectar la posible gravedad asociada con la vulnerabilidad de seguridad en particular.

Corrección y productos afectados

Product Software/Firmware Affected Versions Updated Version Link
Cloud Tiering Appliance CTA and CTA-HA Versions prior to 13.2.0.2.26 Version 13.2.0.2.26 https://www.dell.com/support/home/product-support/product/cloud-tiering-appliance/drivers
Cloud Tiering Appliance CTA/VE and CTA-HA/VE Versions prior to 13.2.0.2.26 Version 13.2.0.2.26 https://www.dell.com/support/home/product-support/product/cloud-tiering-applianceve/drivers
Product Software/Firmware Affected Versions Updated Version Link
Cloud Tiering Appliance CTA and CTA-HA Versions prior to 13.2.0.2.26 Version 13.2.0.2.26 https://www.dell.com/support/home/product-support/product/cloud-tiering-appliance/drivers
Cloud Tiering Appliance CTA/VE and CTA-HA/VE Versions prior to 13.2.0.2.26 Version 13.2.0.2.26 https://www.dell.com/support/home/product-support/product/cloud-tiering-applianceve/drivers

Historial de revisiones

RevisionDateDescription
1.029-11-2023Initial Release

Información relacionada

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Descargo de responsabilidad

Productos afectados

Cloud Tiering Appliance, Cloud Tiering Appliance Platform, Cloud Tiering Appliance/VE
Propiedades del artículo
Número del artículo: 000219980
Tipo de artículo: Dell Security Advisory
Última modificación: 19 sept 2025
Encuentre respuestas a sus preguntas de otros usuarios de Dell
Servicios de soporte
Compruebe si el dispositivo está cubierto por los servicios de soporte.