DSA-2023-454: Security Update for Dell Cloud Tiering Appliance for Multiple Third-Party Component Vulnerabilities

Résumé: Dell Cloud Tiering Appliance remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

Cet article concerne Cet article ne concerne pas Cet article n’est associé à aucun produit spécifique. Toutes les versions du produit ne sont pas identifiées dans cet article.
Consulter d’autres ressources

Impact

High

Détails

Third-party Component CVEs More Information
bind CVE-2023-3341 CVE-2023-3341 This hyperlink is taking you to a website outside of Dell Technologies.
binutils CVE-2020-19726, CVE-2021-32256, CVE-2022-35205, CVE-2022-35206, CVE-2022-4285, CVE-2022-44840, CVE-2022-45703, CVE-2022-47673, CVE-2022-47695, CVE-2022-47696, CVE-2022-48063, CVE-2022-48064, CVE-2022-48065, CVE-2023-0687, CVE-2023-1579, CVE-2023-1972, CVE-2023-2222, CVE-2023-25585, CVE-2023-25587, CVE-2023-25588 See SUSE link for individual scores for each CVE https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
cups CVE-2023-32360,  CVE-2023-4504 See SUSE link for individual scores for each CVE https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
gcc CVE-2023-4039 CVE-2023-4039 This hyperlink is taking you to a website outside of Dell Technologies.
glibc CVE-2023-4813 CVE-2023-4813 This hyperlink is taking you to a website outside of Dell Technologies.
java-11-openjdk CVE-2023-22006,CVE-2023-22036,CVE-2023-22041,CVE-2023-22044,CVE-2023-22045,CVE-2023-22049,CVE-2023-25193 See SUSE link for individual scores for each CVE https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
kernel-default CVE-2023-3358,CVE-2023-3390,CVE-2023-23455,CVE-2023-23454 See SUSE link for individual scores for each CVE https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
krb5 CVE-2023-36054 CVE-2023-36054 This hyperlink is taking you to a website outside of Dell Technologies.
libnghttp2 CVE-2023-35945 CVE-2023-35945 This hyperlink is taking you to a website outside of Dell Technologies.
open-vm-tools CVE-2023-20867,CVE-2023-20900 See SUSE link for individual scores for each CVE https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
openssl-1_1 CVE-2022-4304,CVE-2023-3446,CVE-2023-3817 See SUSE link for individual scores for each CVE https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
python2 CVE-2023-39615 CVE-2023-39615 This hyperlink is taking you to a website outside of Dell Technologies.
python3 CVE-2023-40217 CVE-2023-40217 This hyperlink is taking you to a website outside of Dell Technologies.
Third-party Component CVEs More Information
bind CVE-2023-3341 CVE-2023-3341 This hyperlink is taking you to a website outside of Dell Technologies.
binutils CVE-2020-19726, CVE-2021-32256, CVE-2022-35205, CVE-2022-35206, CVE-2022-4285, CVE-2022-44840, CVE-2022-45703, CVE-2022-47673, CVE-2022-47695, CVE-2022-47696, CVE-2022-48063, CVE-2022-48064, CVE-2022-48065, CVE-2023-0687, CVE-2023-1579, CVE-2023-1972, CVE-2023-2222, CVE-2023-25585, CVE-2023-25587, CVE-2023-25588 See SUSE link for individual scores for each CVE https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
cups CVE-2023-32360,  CVE-2023-4504 See SUSE link for individual scores for each CVE https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
gcc CVE-2023-4039 CVE-2023-4039 This hyperlink is taking you to a website outside of Dell Technologies.
glibc CVE-2023-4813 CVE-2023-4813 This hyperlink is taking you to a website outside of Dell Technologies.
java-11-openjdk CVE-2023-22006,CVE-2023-22036,CVE-2023-22041,CVE-2023-22044,CVE-2023-22045,CVE-2023-22049,CVE-2023-25193 See SUSE link for individual scores for each CVE https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
kernel-default CVE-2023-3358,CVE-2023-3390,CVE-2023-23455,CVE-2023-23454 See SUSE link for individual scores for each CVE https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
krb5 CVE-2023-36054 CVE-2023-36054 This hyperlink is taking you to a website outside of Dell Technologies.
libnghttp2 CVE-2023-35945 CVE-2023-35945 This hyperlink is taking you to a website outside of Dell Technologies.
open-vm-tools CVE-2023-20867,CVE-2023-20900 See SUSE link for individual scores for each CVE https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
openssl-1_1 CVE-2022-4304,CVE-2023-3446,CVE-2023-3817 See SUSE link for individual scores for each CVE https://www.suse.com/security/cve/ This hyperlink is taking you to a website outside of Dell Technologies.
python2 CVE-2023-39615 CVE-2023-39615 This hyperlink is taking you to a website outside of Dell Technologies.
python3 CVE-2023-40217 CVE-2023-40217 This hyperlink is taking you to a website outside of Dell Technologies.
Dell Technologies recommande à tous les clients de prendre en compte à la fois le score de base CVSS et les scores temporels et environnementaux pertinents qui peuvent avoir un impact sur la gravité potentielle associée à une faille de sécurité donnée.

Produits concernés et mesure corrective

Product Software/Firmware Affected Versions Updated Version Link
Cloud Tiering Appliance CTA and CTA-HA Versions prior to 13.2.0.2.26 Version 13.2.0.2.26 https://www.dell.com/support/home/product-support/product/cloud-tiering-appliance/drivers
Cloud Tiering Appliance CTA/VE and CTA-HA/VE Versions prior to 13.2.0.2.26 Version 13.2.0.2.26 https://www.dell.com/support/home/product-support/product/cloud-tiering-applianceve/drivers
Product Software/Firmware Affected Versions Updated Version Link
Cloud Tiering Appliance CTA and CTA-HA Versions prior to 13.2.0.2.26 Version 13.2.0.2.26 https://www.dell.com/support/home/product-support/product/cloud-tiering-appliance/drivers
Cloud Tiering Appliance CTA/VE and CTA-HA/VE Versions prior to 13.2.0.2.26 Version 13.2.0.2.26 https://www.dell.com/support/home/product-support/product/cloud-tiering-applianceve/drivers

Historique des révisions

RevisionDateDescription
1.029-11-2023Initial Release

Informations connexes

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Mention légale

Produits concernés

Cloud Tiering Appliance, Cloud Tiering Appliance Platform, Cloud Tiering Appliance/VE
Propriétés de l’article
Numéro d’article: 000219980
Type d’article: Dell Security Advisory
Dernière modification: 19 Sep 2025
Trouvez des réponses à vos questions auprès d’autres utilisateurs Dell
Services de support
Vérifiez si votre appareil est couvert par les services de support.