DSA-2023-164: Dell Secure Connect Gateway Security Update for Multiple Vulnerabilities

Sommaire

Article détaillé

Impact

Détails

Produits concernés et mesure corrective

Historique des révisions

Informations connexes

Mention légale

Produits concernés

Envoyez vos commentaires

Résumé: Dell Secure Connect Gateway contains remediation for multiple vulnerabilities that could be exploited by malicious users to compromise the affected system.

Cet article concerne Cet article ne concerne pas Cet article n’est associé à aucun produit spécifique. Toutes les versions du produit ne sont pas identifiées dans cet article.

Consulter d’autres ressources

Impact

Critical

Détails

Third-party Component	CVEs	More information
Apache	CVE-2021-37533, CVE-2022-40146, CVE-2023-25690, CVE-2023-27522, CVE-2022-42252, CVE-2023-24998, CVE-2023-28708	https://nvd.nist.gov/vuln/detail/CVE-2021-37533, https://www.suse.com/security/cve/CVE-2022-40146.html, https://www.suse.com/security/cve/CVE-2023-25690.html, https://www.suse.com/security/cve/CVE-2023-27522.html, https://www.suse.com/security/cve/CVE-2022-42252.html, https://www.suse.com/security/cve/CVE-2023-24998.html, https://nvd.nist.gov/vuln/detail/CVE-2023-28708
WoodStox	CVE-2022-40152	https://www.suse.com/security/cve/CVE-2022-40152.html
Json	CVE-2023-1370, CVE-2022-45688	https://nvd.nist.gov/vuln/detail/CVE-2023-1370, https://nvd.nist.gov/vuln/detail/CVE-2022-45688
Curl	CVE-2023-27533, CVE-2023-27534, CVE-2023-27535, CVE-2023-27536, CVE-2023-27538	https://www.suse.com/security/cve/CVE-2023-27533.html, https://www.suse.com/security/cve/CVE-2023-27534.html, https://www.suse.com/security/cve/CVE-2023-27535.html, https://www.suse.com/security/cve/CVE-2023-27536.html, https://www.suse.com/security/cve/CVE-2023-27538.html
Java	CVE-2022-21619, CVE-2022-21624, CVE-2022-21626, CVE-2022-21628	https://www.suse.com/security/cve/CVE-2022-21619.html, https://www.suse.com/security/cve/CVE-2022-21624.html, https://www.suse.com/security/cve/CVE-2022-21626.html, https://www.suse.com/security/cve/CVE-2022-21628.html
Jettison	CVE-2022-40149, CVE-2022-40150, CVE-2022-45685, CVE-2022-45693, CVE-2023-1436	https://www.suse.com/security/cve/CVE-2022-40149.html, https://www.suse.com/security/cve/CVE-2022-40150.html, https://www.suse.com/security/cve/CVE-2022-45685.html, https://www.suse.com/security/cve/CVE-2022-45693.html, https://www.suse.com/security/cve/CVE-2023-1436.html
Kernel	CVE-2017-5754, CVE-2021-4203, CVE-2022-2991, CVE-2022-4129, CVE-2022-4662, CVE-2022-36280, CVE-2022-38096, CVE-2022-47929, CVE-2023-0045, CVE-2023-0266, CVE-2023-0590, CVE-2023-0597, CVE-2023-1118, CVE-2023-23559, CVE-2023-26545	https://www.suse.com/security/cve/CVE-2017-5754.html, https://www.suse.com/security/cve/CVE-2021-4203.html, https://www.suse.com/security/cve/CVE-2022-2991.html, https://www.suse.com/security/cve/CVE-2022-4129.html, https://www.suse.com/security/cve/CVE-2022-4662.html, https://www.suse.com/security/cve/CVE-2022-36280.html, https://www.suse.com/security/cve/CVE-2022-38096.html, https://www.suse.com/security/cve/CVE-2022-47929.html, https://www.suse.com/security/cve/CVE-2023-0045.html, https://www.suse.com/security/cve/CVE-2023-0266.html, https://www.suse.com/security/cve/CVE-2023-0590.html, https://www.suse.com/security/cve/CVE-2023-0597.html, https://www.suse.com/security/cve/CVE-2023-1118.html, https://www.suse.com/security/cve/CVE-2023-23559.html, https://www.suse.com/security/cve/CVE-2023-26545.html
libbind9-161	CVE-2022-2795, CVE-2022-38177, CVE-2022-38178	https://www.suse.com/security/cve/CVE-2022-2795.html, https://www.suse.com/security/cve/CVE-2022-38177.html, https://www.suse.com/security/cve/CVE-2022-38178.html
Openssl	CVE-2022-4450, CVE-2023-0215, CVE-2023-0464, CVE-2023-0465, CVE-2023-0466	https://www.suse.com/security/cve/CVE-2022-4450.html, https://www.suse.com/security/cve/CVE-2023-0215.html, https://www.suse.com/security/cve/CVE-2023-0464.html, https://www.suse.com/security/cve/CVE-2023-0465.html, https://www.suse.com/security/cve/CVE-2023-0466.html
Python	CVE-2022-45061, CVE-2023-24329	https://www.suse.com/security/cve/CVE-2022-45061.html, https://www.suse.com/security/cve/CVE-2023-24329.html
Springframework	CVE-2022-22950, CVE-2022-22970, CVE-2022-22971, CVE-2023-20861, CVE-2023-20863, CVE-2023-20873	https://nvd.nist.gov/vuln/detail/CVE-2022-22950, https://nvd.nist.gov/vuln/detail/CVE-2022-22970, https://nvd.nist.gov/vuln/detail/CVE-2022-22971, https://nvd.nist.gov/vuln/detail/CVE-2023-20861, https://nvd.nist.gov/vuln/detail/CVE-2023-20863, https://nvd.nist.gov/vuln/detail/CVE-2023-20873
TAR	CVE-2022-48303	https://www.suse.com/security/cve/CVE-2022-48303.html
libapr-util1	CVE-2022-25147	https://www.suse.com/security/cve/CVE-2022-25147.html
libpcre2-8-0	CVE-2022-1587	https://www.suse.com/security/cve/CVE-2022-1587.html
libX11	CVE-2022-3555	https://www.suse.com/security/cve/CVE-2022-3555.html
libxslt1	CVE-2021-30560	https://www.suse.com/security/cve/CVE-2021-30560.html
TCL	suse-su-20223653-1	https://www.suse.com/pt-br/support/update/announcement/2022/suse-su-20223653-1/

Proprietary Code CVE	Description	CVSS Base Score	CVSS Vector String
CVE-2023-28043	Dell SCG 5.14 contains an information disclosure vulnerability during the SRS to SCG upgrade path. A remote low privileged malicious user could potentially exploit this vulnerability to retrieve the plain text.	6.5	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Proprietary Code CVE	Description	CVSS Base Score	CVSS Vector String
CVE-2023-28043	Dell SCG 5.14 contains an information disclosure vulnerability during the SRS to SCG upgrade path. A remote low privileged malicious user could potentially exploit this vulnerability to retrieve the plain text.	6.5	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Dell Technologies recommande à tous les clients de prendre en compte à la fois le score de base CVSS et les scores temporels et environnementaux pertinents qui peuvent avoir un impact sur la gravité potentielle associée à une faille de sécurité donnée.

Produits concernés et mesure corrective

Product	Affected Versions	Remediated Versions	Link
Dell Secure Connect Gateway	Version 5.14.00.16	Version 5.16	https://www.dell.com/support/home/product-support/product/secure-connect-gateway-ve/drivers

Product	Affected Versions	Remediated Versions	Link
Dell Secure Connect Gateway	Version 5.14.00.16	Version 5.16	https://www.dell.com/support/home/product-support/product/secure-connect-gateway-ve/drivers

Historique des révisions

Revision	Date	Description
1.0	2023-05-31	Initial Release
2.0	2023-06-19	Updated Proprietary code CVE score and CVSS Vector String
3.0	2023-09-01	Updated for enhanced presentation with no changes to content. Added external link icons.

Informations connexes

Mention légale

Produits concernés

Secure Connect Gateway, Secure Connect Gateway - Virtual Edition

Numéro d’article: 000214205

Type d’article: Dell Security Advisory

Dernière modification: 19 sept. 2025

Vérifiez si votre appareil est couvert par les services de support.

DSA-2023-164: Dell Secure Connect Gateway Security Update for Multiple Vulnerabilities

Résumé: Dell Secure Connect Gateway contains remediation for multiple vulnerabilities that could be exploited by malicious users to compromise the affected system.

Impact

Détails

Produits concernés et mesure corrective

Historique des révisions

Informations connexes

Mention légale

Produits concernés

Propriétés de l’article

Trouvez des réponses à vos questions auprès d’autres utilisateurs Dell

Services de support

Propriétés de l’article

Trouvez des réponses à vos questions auprès d’autres utilisateurs Dell

Services de support