DSA-2022-107: Dell Data Protection Advisor Security Update for Stored Cross Site Scripting Vulnerability
Résumé: Dell Data Protection Advisor (DPA) remediation is available for the Stored Cross Site Scripting Vulnerability that may be exploited by malicious users to compromise affected systems.
Cet article concerne
Cet article ne concerne pas
Cet article n’est associé à aucun produit spécifique.
Toutes les versions du produit ne sont pas identifiées dans cet article.
Impact
Medium
Détails
| Proprietary Code CVE | Description | CVSS Base Score | CVSS Vector String |
| CVE-2022-33935 | Dell Data Protection Advisor versions 19.6 and earlier contains a Stored Cross Site Scripting vulnerability. An attacker may potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a trusted application data store. When a victim user accesses the data store through their browsers, the web browser runs the malicious code in the context of the vulnerable web application. Exploitation may lead to information disclosure, session theft, or client-side request forgery. | 5.4 | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
| Proprietary Code CVE | Description | CVSS Base Score | CVSS Vector String |
| CVE-2022-33935 | Dell Data Protection Advisor versions 19.6 and earlier contains a Stored Cross Site Scripting vulnerability. An attacker may potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a trusted application data store. When a victim user accesses the data store through their browsers, the web browser runs the malicious code in the context of the vulnerable web application. Exploitation may lead to information disclosure, session theft, or client-side request forgery. | 5.4 | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
Produits concernés et mesure corrective
| Product | Affected Versions | Updated Version | Link to Update |
| Data Protection Advisor |
19.6 and earlier |
19.7 Build B4 | https://www.dell.com/support/home/product-support/product/data-protection-advisor/drivers |
| PowerProtect DP Series Appliance (IDPA) | IDPA 2.7.3 and earlier | IDPA 2.7.2 or IDPA 2.7.3 with DP Advisor 19.8 Build B33 patch |
Steps to upgrade: PowerProtect DP Series Appliance and IDPA: Steps to upgrade DPA or Data Protection Advisor component out of band within the appliance |
| Product | Affected Versions | Updated Version | Link to Update |
| Data Protection Advisor |
19.6 and earlier |
19.7 Build B4 | https://www.dell.com/support/home/product-support/product/data-protection-advisor/drivers |
| PowerProtect DP Series Appliance (IDPA) | IDPA 2.7.3 and earlier | IDPA 2.7.2 or IDPA 2.7.3 with DP Advisor 19.8 Build B33 patch |
Steps to upgrade: PowerProtect DP Series Appliance and IDPA: Steps to upgrade DPA or Data Protection Advisor component out of band within the appliance |
Historique des révisions
| Revision | Date | Description |
| 1.0 | 2022-07-25 | Initial Release |
| 2.0 | 2023-03-06 | Added PowerProtect DP Series Appliance (IDPA) to Affected Products and Remediation section. |
| 3.0 | 2023-03-13 | Made some minor changes to links under "Link to Updates column" and Updated the "Affected Products" section under "Article Properties" |
| 4.0 | 2023-03-14 | Made changes to IDPA product-> "Link to Update" column |
| 5.0 | 2023-04-03 | Made changes to "Updated Version" & "Link to update" columns under "Affected Products and Remediation" section |
Informations connexes
Mention légale
Produits concernés
PowerProtect Data Protection Appliance, Data Protection Advisor, PowerProtect Data Protection Software, Integrated Data Protection Appliance Family, Integrated Data Protection Appliance Software, Product Security InformationPropriétés de l’article
Numéro d’article: 000201824
Type d’article: Dell Security Advisory
Dernière modification: 19 sept. 2025
Trouvez des réponses à vos questions auprès d’autres utilisateurs Dell
Services de support
Vérifiez si votre appareil est couvert par les services de support.