DSA-2023-127: Dell PowerProtect Data Manager Security Update for Multiple Security Vulnerabilities
Resumen: Dell PowerProtect Data Manager remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.
Este artículo se aplica a
Este artículo no se aplica a
Este artículo no está vinculado a ningún producto específico.
No se identifican todas las versiones del producto en este artículo.
Impacto
Critical
Detalles
Operating System Components CVE Details:
PPDM Core
PPDM-UI
PPDM Cloud Disaster Recovery
PPDM Kubernetes cProxy
PPDM Native Reporting
Cloud Snapshot Manager
PPDM AppAgents
| Third Party Component | CVEs | More Information |
| libpython3_6m1_0=3.6.15-32.2 python36-base=3.6.15-32.2 python36=3.6.15-32.2 |
CVE-2022-37454 | See NVD ( http://nvd.nist.gov/)  for individual scores for Each CVE |
| bind-utils=9.11.22-3.43.1 libbind9-161=9.11.22-3.43.1 libdns1110=9.11.22-3.43.1 libirs161=9.11.22-3.43.1 libisc1107=9.11.22-3.43.1 libisccc161=9.11.22-3.43.1 libisccfg163=9.11.22-3.43.1 liblwres161=9.11.22-3.43.1 python-bind=9.11.22-3.43.1 |
CVE-2022-2795 CVE-2022-38177 CVE-2022-38178 |
|
| tar-lang=1.27.1-15.18.1 tar=1.27.1-15.18.1 |
CVE-2022-48303 | |
| samba-client-libs=4.15.13+git.534.0d9f8ece26-3.77.1 samba-libs-python3=4.15.13+git.534.0d9f8ece26-3.77.1 samba-libs=4.15.13+git.534.0d9f8ece26-3.77.1 |
CVE-2021-20251 CVE-2022-38023 |
|
| libtirpc-netconfig=1.0.1-17.24.1 libtirpc3=1.0.1-17.24.1 |
CVE-2021-46828 | |
| dbus-1-x11=1.8.22-41.1 dbus-1=1.8.22-41.1 libdbus-1-3=1.8.22-41.1 |
CVE-2022-42010 | |
| libopenssl1_0_0=1.0.2p-3.64.1 libopenssl1_1=1.1.1d-2.75.1 openssl-1_0_0=1.0.2p-3.64.1 |
CVE-2023-0286 | |
| libsqlite3-0=3.39.3-9.26.1 sqlite3-tcl=3.39.3-9.26.1 |
CVE-2022-46908 | |
| libmspack0=0.4-15.13.1 | CVE-2018-18586 | |
| glibc-i18ndata=2.22-114.22.1 glibc-locale=2.22-114.22.1 glibc=2.22-114.22.1 |
CVE-2015-8985 | |
| emacs-info=24.3-25.9.1 emacs-nox=24.3-25.9.1 emacs=24.3-25.9.1 etags=24.3-25.9.1 |
CVE-2022-45939 | |
| git-core=2.26.2-27.66.1 | CVE-2023-22490 | |
| grub2-i386-pc=2.02-156.1 grub2-snapper-plugin=2.02-156.1 grub2-systemd-sleep-plugin=2.02-156.1 grub2=2.02-156.1 |
CVE-2022-2601 CVE-2022-3775 |
|
| expat=2.1.0-21.28.1 libexpat1=2.1.0-21.28.1 |
CVE-2022-43680 | |
| libxml2-2=2.9.4-46.59.2 libxml2-tools=2.9.4-46.59.2 |
CVE-2022-40303 | |
| python3-setuptools=40.6.2-4.21.1 python36-setuptools=44.1.1-8.6.1 |
CVE-2022-40897 | |
| libpython3_4m1_0=3.4.10-25.105.1 python3-base=3.4.10-25.105.1 |
CVE-2022-40899 | |
| w3m=0.5.3.git20161120-161.6.1 | CVE-2022-38223 | |
| containerd=1.6.12-16.68.1 | CVE-2022-23471 CVE-2022-27191 |
|
| libX11-6=1.6.2-12.24.1 libX11-data=1.6.2-12.24.1 |
CVE-2022-3554 CVE-2022-3555 |
|
| libsnmp30=5.7.3-11.6.1 net-snmp=5.7.3-11.6.1 perl-SNMP=5.7.3-11.6.1 snmp-mibs=5.7.3-11.6.1 |
CVE-2022-44793 | |
| vim-data-common=9.0.1234-17.12.1 vim-data=9.0.1234-17.12.1 vim=9.0.1234-17.12.1 |
CVE-2021-3928 CVE-2022-3234 CVE-2022-3235 CVE-2022-3324 CVE-2022-3491 CVE-2022-3520 CVE-2022-3591 CVE-2022-3705 CVE-2022-4141 CVE-2022-4292 CVE-2022-4293 CVE-2023-0049 CVE-2023-0051 CVE-2023-0054 CVE-2023-0288 CVE-2023-0433 |
|
| rpm=4.11.2-16.26.1 | CVE-2021-20271 CVE-2021-3421 |
|
| java-11-openjdk-headless=11.0.18.0-3.52.1 | CVE-2022-21618 CVE-2022-21619 CVE-2022-21624 CVE-2022-21626 CVE-2022-21628 CVE-2022-39399 CVE-2023-21835 CVE-2023-21843 |
|
| libfreebl3-hmac=3.79.4-58.94.1 libfreebl3=3.79.4-58.94.1 libsoftokn3-hmac=3.79.4-58.94.1 libsoftokn3=3.79.4-58.94.1 mozilla-nss-certs=3.79.4-58.94.1 mozilla-nss=3.79.4-58.94.1 |
CVE-2022-23491 CVE-2022-3479 CVE-2023-0767 |
|
| krb5=1.12.5-40.46.1 | CVE-2022-42898 | |
| sudo=1.8.27-4.33.1 | CVE-2023-22809 | |
| libpython2_7-1_0=2.7.18-33.17.1 python-base=2.7.18-33.17.1 python-xml=2.7.18-33.17.1 python3=3.4.10-25.105.1 |
CVE-2022-45061 | |
| libksba8=1.3.0-24.6.1 | CVE-2022-47629 | |
| curl=7.60.0-11.55.1 libcurl4=7.60.0-11.55.1 |
CVE-2023-23916 | |
| libsystemd0=228-157.49.1 libudev1=228-157.49.1 systemd-bash-completion=228-157.49.1 systemd-sysvinit=228-157.49.1 systemd=228-157.49.1 udev=228-157.49.1 |
CVE-2022-4415 | |
| ucode-intel=20230214-3.49.1 | CVE-2022-21216 CVE-2022-33196 CVE-2022-38090 |
|
| libtasn1-6=4.9-3.13.1 libtasn1=4.9-3.13.1 |
CVE-2021-46848 | |
| python3-py=1.8.1-11.15.2 | CVE-2020-29651 CVE-2022-42969 |
|
| kernel-default=4.12.14-122.147.1 | CVE-2023-23454 | |
| libdb-4_8=4.8.30-33.1 | CVE-2019-2708 | |
| dhcp-client=4.3.3-10.28.1 dhcp=4.3.3-10.28.1 |
CVE-2022-2928 CVE-2022-2929 |
|
| kpartx=0.7.9+232+suse.cbc3754-3.14.1 | CVE-2022-41973 | |
| libpq5=15.2-3.6.1 postgresql14-server=14.7-3.20.1 postgresql14=14.7-3.20.1 |
CVE-2022-41862 |
PPDM Core
| Third Party Component | CVEs | More Information |
| jettison-1.1/jettison-1.4 Jettison - Json Stax implementation1.1 |
CVE-2022-40149 CVE-2022-40150 |
See NVD ( http://nvd.nist.gov/) for individual scores for Each CVE |
| XStream1.4.19 | CVE-2022-40151 CVE-2022-40152 CVE-2022-41966 |
|
| snakeyaml-1.30 | CVE-2022-25857 | |
| jackson-databind2.13.4 | CVE-2022-42003 | |
| Apache Commons JXPath1.3 | CVE-2022-41852 CVE-2022-40159 CVE-2022-40157 CVE-2022-40160 CVE-2022-40161 CVE-2022-40158 |
|
| Apache Commons Text1.9 | CVE-2022-42889 | |
| Spring Security5.7.4 | CVE-2022-31692 CVE-2022-31690 |
|
| PostgreSQL JDBC Driver (pgjdbc)42.4.2 | CVE-2022-41946 | |
| zip4j 2.10.0/zip4j 2.11.2 | CVE-2023-22899 |
PPDM-UI
| Third-Party Component | CVEs | More Information |
| engine io 6.2.0 | CVE-2022-41940 | See NVD ( http://nvd.nist.gov/) for individual scores for Each CVE |
| glob-parent 5.1.2 | CVE-2020-28469 | |
| jszip 3.7.1 | CVE-2022-48285 | |
| minimatch 3.0.4 | CVE-2022-3517 | |
| qs 6.5.2 | CVE-2022-24999 | |
| sindresorhus/got 9.6.0 | CVE-2021-33502 | |
| socket io-parser 4.0.4 | CVE-2022-2421 | |
| terser 5.11.0 | CVE-2022-25858 |
PPDM Cloud Disaster Recovery
| Third Party Component | CVEs | More Information |
| Spring Security 5.5.7 | CVE-2022-31690 | See NVD ( http://nvd.nist.gov/) for individual scores for Each CVE |
| jackson-databind 2.13.4 | CVE-2022-42003 | |
| spring_framework_version 5.3.23 | CVE-2016-1000027 | |
| snake_yaml_version 1.31 | CVE-2022-41854 CVE-2022-38752 |
|
| jettison_version 1.5.1 | CVE-2022-45693 CVE-2022-45685 |
|
| hsql 2.6.1 | CVE-2022-41853 |
PPDM Kubernetes cProxy
| Third Party Component | CVEs | More Information |
| curl <v7.88.0 | CVE-2023-23916 | See NVD ( http://nvd.nist.gov/) for individual scores for Each CVE |
| GNU Tar 1.27.1-15.15.1 | CVE-2022-48303 |
PPDM Native Reporting
| Third Party Component | CVEs | More Information |
| Apache POI 2.5.1/Apache POI 3.10-beta2 | CVE-2017-12626 CVE-2019-12415 CVE-2016-5000 CVE-2022-26336 CVE-2017-5644 CVE-2012-0213 CVE-2014-9527 CVE-2014-3574 CVE-2014-3529 |
See NVD ( http://nvd.nist.gov/) for individual scores for Each CVE |
| BeanShell 2.0b4 | CVE-2016-2510 | |
| Jsoup 1.7.3 | CVE-2021-37714 CVE-2022-36033 CVE-2015-6748 |
|
| libplexus-utils 2.0.5/ libplexus-utils 1.5.15 | CVE-2017-1000487 | |
| Maven Shared Utils 0.1 Maven Shared Utils 0.4 Maven Shared Utils 0.7 |
CVE-2022-29599 | |
| XMLBeans 2.3.0 | CVE-2021-23926 |
Cloud Snapshot Manager
| Third Party Component | CVEs | More Information |
| cryptiles 3.1.2 | CVE-2018-1000620 | See NVD ( http://nvd.nist.gov/) for individual scores for Each CVE |
| deep-extend 0.4.2 | CVE-2018-3750 | |
| extend 3.0.1 | CVE-2018-16492 CVE-2018-16492 |
|
| Handlebars.js 4.0.11 | CVE-2021-23369 CVE-2021-23383 CVE-2019-19919 |
|
| json-schema 0.2.3 | CVE-2021-3918 | |
| knex 0.14.6 | CVE-2019-10757 CVE-2019-10757 |
|
| Lodash 4.17.10 | CVE-2019-10744 CVE-2021-23337 |
|
| minimist 1.2.0 | CVE-2021-44906 | |
| mixin-deep 1.3.1 | CVE-2019-10746 | |
| set-value 0.4.3 | CVE-2021-23440 CVE-2019-10747 |
|
| y18n 4.0.0 | CVE-2020-7774 | |
| yeikos/js.merge 1.2.0 | CVE-2020-28499 | |
| ansi-regex 4.1.0 | CVE-2021-3807 | |
| Async 2.6.0 | CVE-2021-43138 | |
| axios 0.18.1 | CVE-2021-3749 | |
| dicer 0.2.5 | CVE-2022-24434 | |
| dot-prop 4.2.0 | CVE-2020-8116 | |
| doTJS v1.1.2 | CVE-2020-8141 | |
| glob-parent 2.0.0 | CVE-2020-28469 | |
| hueniverse/hawk 6.0.2 | CVE-2022-29167 | |
| ini 1.3.5 | CVE-2020-7788 | |
| kind-of 6.0.2 | CVE-2019-20149 | |
| knowledgecode/date-and-time 0.11.1 | CVE-2020-26289 | |
| moment/moment 2.24.0 | CVE-2022-24785 CVE-2022-31129 |
|
| node-forge 0.8.4 | CVE-2022-24771 CVE-2022-24772 CVE-2020-7720 |
|
| Nodemailerv 6.4.18 | CVE-2021-23400 | |
| path-parse 1.0.5 | CVE-2021-23343 | |
| pathval 1.1.0 | CVE-2020-7751 | |
| redis 2.8.0 | CVE-2021-29469 | |
| simple-getv 3.1.0 | CVE-2022-0355 | |
| tar v4.4.10 | CVE-2021-32803 CVE-2021-32804 CVE-2021-37701 CVE-2021-37712 CVE-2021-37713 |
|
| tmpl 1.0.4 | CVE-2021-3777 | |
| Underscore.js 1.9.1 | CVE-2021-23358 | |
| validator.js 9.4.1 | CVE-2021-3765 | |
| ajv 5.5.2 | CVE-2020-15366 | |
| bl 4.0.2 | CVE-2020-8244 | |
| debug-js/debug 2.2.0 | CVE-2017-16137 | |
| follow-redirects 1.7.0 | CVE-2022-0155 CVE-2022-0536 |
|
| hosted-git-info 2.7.1 | CVE-2021-23362 | |
| jszip 3.2.2 | CVE-2021-21366 CVE-2021-32796 |
|
| micromatch/braces 1.8.5 | CVE-2018-1109 | |
| mikaelbr/node-notifier 5.2.1 | CVE-2020-7789 | |
| node-fetch 2.6.0 | CVE-2020-15168 CVE-2022-0235 |
|
| Passport.js 0.3.2 | CVE-2022-25896 | |
| randomatic 1.1.7 | CVE-2017-16028 | |
| stringstream 0.0.5 | CVE-2018-21270 | |
| undefsafe 2.0.2 | CVE-2019-10795 | |
| xmldom 0.1.27 | CVE-2021-21366 CVE-2021-32796 |
|
| yargs-parser 2.4.1 | CVE-2020-7608 | |
| Chownr 1.0.1 | CVE-2017-18869 |
PPDM AppAgents
| Third Party Component | CVEs | More Information |
| SQLite 3.38.1 SQLite 3.39.4 |
CVE-2022-35737 CVE-2022-46908 |
See NVD ( http://nvd.nist.gov/) for individual scores for Each CVE |
| Zlib 1.2.11 | CVE-2022-37434 CVE-2018-25032 |
|
| Libxml 2.9.14 | CVE-2022-40304 CVE-2022-40303 |
|
| Libcurl 7.86 | CVE-2022-43551 CVE-2022-43552 |
Operating System Components CVE Details:
PPDM Core
PPDM-UI
PPDM Cloud Disaster Recovery
PPDM Kubernetes cProxy
PPDM Native Reporting
Cloud Snapshot Manager
PPDM AppAgents
| Third Party Component | CVEs | More Information |
| libpython3_6m1_0=3.6.15-32.2 python36-base=3.6.15-32.2 python36=3.6.15-32.2 |
CVE-2022-37454 | See NVD ( http://nvd.nist.gov/) for individual scores for Each CVE |
| bind-utils=9.11.22-3.43.1 libbind9-161=9.11.22-3.43.1 libdns1110=9.11.22-3.43.1 libirs161=9.11.22-3.43.1 libisc1107=9.11.22-3.43.1 libisccc161=9.11.22-3.43.1 libisccfg163=9.11.22-3.43.1 liblwres161=9.11.22-3.43.1 python-bind=9.11.22-3.43.1 |
CVE-2022-2795 CVE-2022-38177 CVE-2022-38178 |
|
| tar-lang=1.27.1-15.18.1 tar=1.27.1-15.18.1 |
CVE-2022-48303 | |
| samba-client-libs=4.15.13+git.534.0d9f8ece26-3.77.1 samba-libs-python3=4.15.13+git.534.0d9f8ece26-3.77.1 samba-libs=4.15.13+git.534.0d9f8ece26-3.77.1 |
CVE-2021-20251 CVE-2022-38023 |
|
| libtirpc-netconfig=1.0.1-17.24.1 libtirpc3=1.0.1-17.24.1 |
CVE-2021-46828 | |
| dbus-1-x11=1.8.22-41.1 dbus-1=1.8.22-41.1 libdbus-1-3=1.8.22-41.1 |
CVE-2022-42010 | |
| libopenssl1_0_0=1.0.2p-3.64.1 libopenssl1_1=1.1.1d-2.75.1 openssl-1_0_0=1.0.2p-3.64.1 |
CVE-2023-0286 | |
| libsqlite3-0=3.39.3-9.26.1 sqlite3-tcl=3.39.3-9.26.1 |
CVE-2022-46908 | |
| libmspack0=0.4-15.13.1 | CVE-2018-18586 | |
| glibc-i18ndata=2.22-114.22.1 glibc-locale=2.22-114.22.1 glibc=2.22-114.22.1 |
CVE-2015-8985 | |
| emacs-info=24.3-25.9.1 emacs-nox=24.3-25.9.1 emacs=24.3-25.9.1 etags=24.3-25.9.1 |
CVE-2022-45939 | |
| git-core=2.26.2-27.66.1 | CVE-2023-22490 | |
| grub2-i386-pc=2.02-156.1 grub2-snapper-plugin=2.02-156.1 grub2-systemd-sleep-plugin=2.02-156.1 grub2=2.02-156.1 |
CVE-2022-2601 CVE-2022-3775 |
|
| expat=2.1.0-21.28.1 libexpat1=2.1.0-21.28.1 |
CVE-2022-43680 | |
| libxml2-2=2.9.4-46.59.2 libxml2-tools=2.9.4-46.59.2 |
CVE-2022-40303 | |
| python3-setuptools=40.6.2-4.21.1 python36-setuptools=44.1.1-8.6.1 |
CVE-2022-40897 | |
| libpython3_4m1_0=3.4.10-25.105.1 python3-base=3.4.10-25.105.1 |
CVE-2022-40899 | |
| w3m=0.5.3.git20161120-161.6.1 | CVE-2022-38223 | |
| containerd=1.6.12-16.68.1 | CVE-2022-23471 CVE-2022-27191 |
|
| libX11-6=1.6.2-12.24.1 libX11-data=1.6.2-12.24.1 |
CVE-2022-3554 CVE-2022-3555 |
|
| libsnmp30=5.7.3-11.6.1 net-snmp=5.7.3-11.6.1 perl-SNMP=5.7.3-11.6.1 snmp-mibs=5.7.3-11.6.1 |
CVE-2022-44793 | |
| vim-data-common=9.0.1234-17.12.1 vim-data=9.0.1234-17.12.1 vim=9.0.1234-17.12.1 |
CVE-2021-3928 CVE-2022-3234 CVE-2022-3235 CVE-2022-3324 CVE-2022-3491 CVE-2022-3520 CVE-2022-3591 CVE-2022-3705 CVE-2022-4141 CVE-2022-4292 CVE-2022-4293 CVE-2023-0049 CVE-2023-0051 CVE-2023-0054 CVE-2023-0288 CVE-2023-0433 |
|
| rpm=4.11.2-16.26.1 | CVE-2021-20271 CVE-2021-3421 |
|
| java-11-openjdk-headless=11.0.18.0-3.52.1 | CVE-2022-21618 CVE-2022-21619 CVE-2022-21624 CVE-2022-21626 CVE-2022-21628 CVE-2022-39399 CVE-2023-21835 CVE-2023-21843 |
|
| libfreebl3-hmac=3.79.4-58.94.1 libfreebl3=3.79.4-58.94.1 libsoftokn3-hmac=3.79.4-58.94.1 libsoftokn3=3.79.4-58.94.1 mozilla-nss-certs=3.79.4-58.94.1 mozilla-nss=3.79.4-58.94.1 |
CVE-2022-23491 CVE-2022-3479 CVE-2023-0767 |
|
| krb5=1.12.5-40.46.1 | CVE-2022-42898 | |
| sudo=1.8.27-4.33.1 | CVE-2023-22809 | |
| libpython2_7-1_0=2.7.18-33.17.1 python-base=2.7.18-33.17.1 python-xml=2.7.18-33.17.1 python3=3.4.10-25.105.1 |
CVE-2022-45061 | |
| libksba8=1.3.0-24.6.1 | CVE-2022-47629 | |
| curl=7.60.0-11.55.1 libcurl4=7.60.0-11.55.1 |
CVE-2023-23916 | |
| libsystemd0=228-157.49.1 libudev1=228-157.49.1 systemd-bash-completion=228-157.49.1 systemd-sysvinit=228-157.49.1 systemd=228-157.49.1 udev=228-157.49.1 |
CVE-2022-4415 | |
| ucode-intel=20230214-3.49.1 | CVE-2022-21216 CVE-2022-33196 CVE-2022-38090 |
|
| libtasn1-6=4.9-3.13.1 libtasn1=4.9-3.13.1 |
CVE-2021-46848 | |
| python3-py=1.8.1-11.15.2 | CVE-2020-29651 CVE-2022-42969 |
|
| kernel-default=4.12.14-122.147.1 | CVE-2023-23454 | |
| libdb-4_8=4.8.30-33.1 | CVE-2019-2708 | |
| dhcp-client=4.3.3-10.28.1 dhcp=4.3.3-10.28.1 |
CVE-2022-2928 CVE-2022-2929 |
|
| kpartx=0.7.9+232+suse.cbc3754-3.14.1 | CVE-2022-41973 | |
| libpq5=15.2-3.6.1 postgresql14-server=14.7-3.20.1 postgresql14=14.7-3.20.1 |
CVE-2022-41862 |
PPDM Core
| Third Party Component | CVEs | More Information |
| jettison-1.1/jettison-1.4 Jettison - Json Stax implementation1.1 |
CVE-2022-40149 CVE-2022-40150 |
See NVD ( http://nvd.nist.gov/) for individual scores for Each CVE |
| XStream1.4.19 | CVE-2022-40151 CVE-2022-40152 CVE-2022-41966 |
|
| snakeyaml-1.30 | CVE-2022-25857 | |
| jackson-databind2.13.4 | CVE-2022-42003 | |
| Apache Commons JXPath1.3 | CVE-2022-41852 CVE-2022-40159 CVE-2022-40157 CVE-2022-40160 CVE-2022-40161 CVE-2022-40158 |
|
| Apache Commons Text1.9 | CVE-2022-42889 | |
| Spring Security5.7.4 | CVE-2022-31692 CVE-2022-31690 |
|
| PostgreSQL JDBC Driver (pgjdbc)42.4.2 | CVE-2022-41946 | |
| zip4j 2.10.0/zip4j 2.11.2 | CVE-2023-22899 |
PPDM-UI
| Third-Party Component | CVEs | More Information |
| engine io 6.2.0 | CVE-2022-41940 | See NVD ( http://nvd.nist.gov/) for individual scores for Each CVE |
| glob-parent 5.1.2 | CVE-2020-28469 | |
| jszip 3.7.1 | CVE-2022-48285 | |
| minimatch 3.0.4 | CVE-2022-3517 | |
| qs 6.5.2 | CVE-2022-24999 | |
| sindresorhus/got 9.6.0 | CVE-2021-33502 | |
| socket io-parser 4.0.4 | CVE-2022-2421 | |
| terser 5.11.0 | CVE-2022-25858 |
PPDM Cloud Disaster Recovery
| Third Party Component | CVEs | More Information |
| Spring Security 5.5.7 | CVE-2022-31690 | See NVD ( http://nvd.nist.gov/) for individual scores for Each CVE |
| jackson-databind 2.13.4 | CVE-2022-42003 | |
| spring_framework_version 5.3.23 | CVE-2016-1000027 | |
| snake_yaml_version 1.31 | CVE-2022-41854 CVE-2022-38752 |
|
| jettison_version 1.5.1 | CVE-2022-45693 CVE-2022-45685 |
|
| hsql 2.6.1 | CVE-2022-41853 |
PPDM Kubernetes cProxy
| Third Party Component | CVEs | More Information |
| curl <v7.88.0 | CVE-2023-23916 | See NVD ( http://nvd.nist.gov/) for individual scores for Each CVE |
| GNU Tar 1.27.1-15.15.1 | CVE-2022-48303 |
PPDM Native Reporting
| Third Party Component | CVEs | More Information |
| Apache POI 2.5.1/Apache POI 3.10-beta2 | CVE-2017-12626 CVE-2019-12415 CVE-2016-5000 CVE-2022-26336 CVE-2017-5644 CVE-2012-0213 CVE-2014-9527 CVE-2014-3574 CVE-2014-3529 |
See NVD ( http://nvd.nist.gov/) for individual scores for Each CVE |
| BeanShell 2.0b4 | CVE-2016-2510 | |
| Jsoup 1.7.3 | CVE-2021-37714 CVE-2022-36033 CVE-2015-6748 |
|
| libplexus-utils 2.0.5/ libplexus-utils 1.5.15 | CVE-2017-1000487 | |
| Maven Shared Utils 0.1 Maven Shared Utils 0.4 Maven Shared Utils 0.7 |
CVE-2022-29599 | |
| XMLBeans 2.3.0 | CVE-2021-23926 |
Cloud Snapshot Manager
| Third Party Component | CVEs | More Information |
| cryptiles 3.1.2 | CVE-2018-1000620 | See NVD ( http://nvd.nist.gov/) for individual scores for Each CVE |
| deep-extend 0.4.2 | CVE-2018-3750 | |
| extend 3.0.1 | CVE-2018-16492 CVE-2018-16492 |
|
| Handlebars.js 4.0.11 | CVE-2021-23369 CVE-2021-23383 CVE-2019-19919 |
|
| json-schema 0.2.3 | CVE-2021-3918 | |
| knex 0.14.6 | CVE-2019-10757 CVE-2019-10757 |
|
| Lodash 4.17.10 | CVE-2019-10744 CVE-2021-23337 |
|
| minimist 1.2.0 | CVE-2021-44906 | |
| mixin-deep 1.3.1 | CVE-2019-10746 | |
| set-value 0.4.3 | CVE-2021-23440 CVE-2019-10747 |
|
| y18n 4.0.0 | CVE-2020-7774 | |
| yeikos/js.merge 1.2.0 | CVE-2020-28499 | |
| ansi-regex 4.1.0 | CVE-2021-3807 | |
| Async 2.6.0 | CVE-2021-43138 | |
| axios 0.18.1 | CVE-2021-3749 | |
| dicer 0.2.5 | CVE-2022-24434 | |
| dot-prop 4.2.0 | CVE-2020-8116 | |
| doTJS v1.1.2 | CVE-2020-8141 | |
| glob-parent 2.0.0 | CVE-2020-28469 | |
| hueniverse/hawk 6.0.2 | CVE-2022-29167 | |
| ini 1.3.5 | CVE-2020-7788 | |
| kind-of 6.0.2 | CVE-2019-20149 | |
| knowledgecode/date-and-time 0.11.1 | CVE-2020-26289 | |
| moment/moment 2.24.0 | CVE-2022-24785 CVE-2022-31129 |
|
| node-forge 0.8.4 | CVE-2022-24771 CVE-2022-24772 CVE-2020-7720 |
|
| Nodemailerv 6.4.18 | CVE-2021-23400 | |
| path-parse 1.0.5 | CVE-2021-23343 | |
| pathval 1.1.0 | CVE-2020-7751 | |
| redis 2.8.0 | CVE-2021-29469 | |
| simple-getv 3.1.0 | CVE-2022-0355 | |
| tar v4.4.10 | CVE-2021-32803 CVE-2021-32804 CVE-2021-37701 CVE-2021-37712 CVE-2021-37713 |
|
| tmpl 1.0.4 | CVE-2021-3777 | |
| Underscore.js 1.9.1 | CVE-2021-23358 | |
| validator.js 9.4.1 | CVE-2021-3765 | |
| ajv 5.5.2 | CVE-2020-15366 | |
| bl 4.0.2 | CVE-2020-8244 | |
| debug-js/debug 2.2.0 | CVE-2017-16137 | |
| follow-redirects 1.7.0 | CVE-2022-0155 CVE-2022-0536 |
|
| hosted-git-info 2.7.1 | CVE-2021-23362 | |
| jszip 3.2.2 | CVE-2021-21366 CVE-2021-32796 |
|
| micromatch/braces 1.8.5 | CVE-2018-1109 | |
| mikaelbr/node-notifier 5.2.1 | CVE-2020-7789 | |
| node-fetch 2.6.0 | CVE-2020-15168 CVE-2022-0235 |
|
| Passport.js 0.3.2 | CVE-2022-25896 | |
| randomatic 1.1.7 | CVE-2017-16028 | |
| stringstream 0.0.5 | CVE-2018-21270 | |
| undefsafe 2.0.2 | CVE-2019-10795 | |
| xmldom 0.1.27 | CVE-2021-21366 CVE-2021-32796 |
|
| yargs-parser 2.4.1 | CVE-2020-7608 | |
| Chownr 1.0.1 | CVE-2017-18869 |
PPDM AppAgents
| Third Party Component | CVEs | More Information |
| SQLite 3.38.1 SQLite 3.39.4 |
CVE-2022-35737 CVE-2022-46908 |
See NVD ( http://nvd.nist.gov/) for individual scores for Each CVE |
| Zlib 1.2.11 | CVE-2022-37434 CVE-2018-25032 |
|
| Libxml 2.9.14 | CVE-2022-40304 CVE-2022-40303 |
|
| Libcurl 7.86 | CVE-2022-43551 CVE-2022-43552 |
Corrección y productos afectados
| Product | Affected Versions | Updated Version | Link to Update |
| Dell PowerProtect Data Manager | 19.12 and earlier | 19.13 and later | PPDM 19.13 drivers and downloads |
| Dell PowerProtect Data Manager Appliance (DM5500) | 5.12 | 5.13 | DM5500 5.13 Downloads |
| Product | Affected Versions | Updated Version | Link to Update |
| Dell PowerProtect Data Manager | 19.12 and earlier | 19.13 and later | PPDM 19.13 drivers and downloads |
| Dell PowerProtect Data Manager Appliance (DM5500) | 5.12 | 5.13 | DM5500 5.13 Downloads |
Historial de revisiones
| Revision | Date | Description |
| 1.0 | 2023-04-03 | Initial Release |
| 2.0 | 2023-05-05 | Added New Product Under "Affected Products and Remediation" Section |
Información relacionada
Descargo de responsabilidad
Productos afectados
PowerProtect Data Manager Appliance, PowerProtect Data Manager, Product Security InformationPropiedades del artículo
Número del artículo: 000211965
Tipo de artículo: Dell Security Advisory
Última modificación: 19 sept 2025
Encuentre respuestas a sus preguntas de otros usuarios de Dell
Servicios de soporte
Compruebe si el dispositivo está cubierto por los servicios de soporte.