DSA-2025-264: Security Update for Dell CloudBoost Virtual Appliance Multiple Third-Party Component Vulnerabilities

Sommaire: Dell CloudBoost Virtual Appliance remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

Cet article s’applique à Cet article ne s’applique pas à Cet article n’est lié à aucun produit spécifique. Toutes les versions de produits ne sont pas identifiées dans cet article.

Impact

Critical

Détails

Third-party Component

CVEs

More Information

Apache HTTP Server CVE-2024-40725, CVE-2024-40898 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
Apache Thrift Go CVE-2016-5397 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
Curl CVE-2018-16839, CVE-2016-8620, CVE-2016-8618, CVE-2019-5482, CVE-2016-9953, CVE-2017-8817, CVE-2018-10001, CVE-2016-8619, CVE-2022-32221, CVE-2016-7167, CVE-2018-14618, CVE-2016-4606, CVE-2018-10000, CVE-2016-8622, CVE-2018-16842, CVE-2017-10002, CVE-2018-10003, CVE-2023-27533, CVE-2023-27534, CVE-2022-22576, CVE-2016-9594, CVE-2016-9586, CVE-2016-9952, CVE-2016-5421, CVE-2016-4802, CVE-2019-5436, CVE-2020-8177, CVE-2019-5443, CVE-2023-28319, CVE-2016-5420, CVE-2022-27781, CVE-2022-27782, CVE-2020-8231, CVE-2016-7141, CVE-2021-22946, CVE-2015-3145, CVE-2021-22926, CVE-2019-3823, CVE-2016-8624, CVE-2016-5419, CVE-2020-8285, CVE-2016-8625, CVE-2016-8621, CVE-2016-8623, CVE-2016-8615, CVE-2016-0755, CVE-2016-8617, CVE-2017-2629, CVE-2021-22922, CVE-2017-10001, CVE-2022-32206, CVE-2022-27776, CVE-2014-0138, CVE-2023-27536, CVE-2021-22947, CVE-2023-28321, CVE-2023-27535, CVE-2022-43552, CVE-2023-28320, CVE-2022-32208, CVE-2016-8616, CVE-2014-8151, CVE-2014-0139, CVE-2022-27774, CVE-2023-27538, CVE-2017-9502, CVE-2016-3739, CVE-2016-0754, CVE-2021-22925, CVE-2021-22876, CVE-2021-22923, CVE-2014-3620, CVE-2015-3153, CVE-2014-3613, CVE-2015-3148, CVE-2015-3143, CVE-2014-8150, CVE-2014-3707, CVE-2014-2522, CVE-2023-28322, CVE-2020-8284, CVE-2022-35252, CVE-2021-22924, CVE-2021-22898 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
Django CVE-2025-26699 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
GNU CVE-2025-0840, CVE-2024-57360, CVE-2024-12243 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
Kerberos CVE-2025-24528, CVE-2024-26462, CVE-2024-26461, CVE-2024-26458 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
libcap CVE-2025-1390 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
libevent CVE-2016-10195, CVE-2016-10196, CVE-2015-6525, CVE-2014-6272, CVE-2016-10197 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
Libtasn CVE-2024-12133 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
Linux Kernel CVE-2024-56672 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
OpenSSH CVE-2025-26465, CVE-2025-26466, CVE-2024-6387 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
OpenSSL CVE-2016-2182, CVE-2016-6303, CVE-2016-2177, CVE-2016-2108, CVE-2016-0705, CVE-2016-2842, CVE-2016-0799, CVE-2016-2176, CVE-2016-6302, CVE-2016-0797, CVE-2016-2183, CVE-2016-2109, CVE-2015-3194, CVE-2016-2180, CVE-2016-2105, CVE-2016-2106, CVE-2016-6304, CVE-2016-2179, CVE-2021-4044, CVE-2015-1789, CVE-2016-0798, CVE-2016-2181, CVE-2015-0209, CVE-2015-1791, CVE-2016-2107, CVE-2015-3197, CVE-2016-6306, CVE-2016-0800, CVE-2016-0704, CVE-2016-0703, CVE-2016-2178, CVE-2016-7056, CVE-2017-3735, CVE-2015-3195, CVE-2016-0702, CVE-2015-0287, CVE-2015-1790, CVE-2015-0288, CVE-2015-0293, CVE-2015-0289, CVE-2015-0286, CVE-2015-1792, CVE-2015-1788, CVE-2015-3196, CVE-2015-4000, CVE-2011-3389 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
SQLite CVE-2020-11656, CVE-2019-19646, CVE-2017-10989, CVE-2019-8457, CVE-2015-5895, CVE-2018-20346, CVE-2018-20506, CVE-2018-8740, CVE-2020-11655, CVE-2015-3414, CVE-2015-3717, CVE-2015-3415, CVE-2018-20505, CVE-2022-35737, CVE-2015-3416, CVE-2020-13630, CVE-2015-6607, CVE-2016-6153, CVE-2020-13631, CVE-2020-13434, CVE-2020-13435, CVE-2019-19645, CVE-2020-13632, CVE-2020-15358 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
wpa CVE-2022-23303, CVE-2022-23304, CVE-2022-37660 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

 

Dell Technologies recommande à tous ses clients de tenir compte à la fois du score de base CVSS et de tous les scores temporels et environnementaux pertinents qui pourraient avoir une incidence sur la gravité potentielle associée à une vulnérabilité de sécurité particulière.

Produits touchés et correction

Product Affected Versions Remediated Versions Link
CloudBoost Virtual Appliance Versions 19.7 through 19.12.0.1 Version 19.13 or later CloudBoost Virtual Appliance Downloads Area

 

Product Affected Versions Remediated Versions Link
CloudBoost Virtual Appliance Versions 19.7 through 19.12.0.1 Version 19.13 or later CloudBoost Virtual Appliance Downloads Area

 

Notes:

  1. The Affected Products and Remediation table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available. 
  2. Unless specified as impacted, the term “later releases” encompasses all CloudBoost Virtual Appliance releases, under standard support, that are of a higher minor or major version than the specified release.
  3. Dell advises that you consistently upgrade to the most recent release/version of your product.

Solutions de contournement et mesures d’atténuation

None

Historique de révision

RevisionDateDescription
1.02025-06-30Initial Release
2.02025-07-28Updated to include CVE-2024-6387

 

Renseignements connexes

Produits touchés

CloudBoost
Propriétés de l’article
Numéro d’article: 000338396
Type d’article: Dell Security Advisory
Dernière modification: 28 juill. 2025
Obtenez des réponses à vos questions auprès d’autre utilisateurs de Dell
Services de soutien
Vérifiez si votre appareil est couvert par les services de soutien.