DSA-2024-106: Security Update for Dell Cloud Tiering Appliance for Multiple Third-Party Vulnerabilities.

Résumé: Dell Cloud Tiering Appliance remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

Cet article concerne Cet article ne concerne pas Cet article n’est associé à aucun produit spécifique. Toutes les versions du produit ne sont pas identifiées dans cet article.
Consulter d’autres ressources

Impact

High

Détails

Third-party
Component		 CVEs More Information
suse-module-tools CVE-2023-1829, CVE-2023-23559 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
xen CVE-2023-46835, CVE-2023-46836, CVE-2023-34323, CVE-2023-34325, CVE-2023-34326, CVE-2023-34327, CVE-2023-34328, CVE-2023-46839 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
java-11-openjdk CVE-2023-22081, CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-20926, CVE-2024-20945, CVE-2024-20952 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
nghttp2 CVE-2023-44487 https://nvd.nist.gov/vuln/detail/CVE-2023-44487 This hyperlink is taking you to a website outside of Dell Technologies.
open-vm-tools CVE-2023-34058, CVE-2023-34059 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
Kernel-default CVE-2023-31083, CVE-2023-39197, CVE-2023-39198, CVE-2023-45863, CVE-2023-45871, CVE-2023-5717, CVE-2023-6176, CVE-2023-2163, CVE-2023-31085, CVE-2023-3111, CVE-2023-34324, CVE-2023-39189, CVE-2023-39192, CVE-2023-39193, CVE-2023-39194, CVE-2023-42754, CVE-2023-45862, CVE-2020-26555, CVE-2023-51779, CVE-2023-6121, CVE-2023-6606, CVE-2023-6610, CVE-2023-6931, CVE-2023-6932 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
postgresql13 CVE-2023-5868, CVE-2023-5869, CVE-2023-5870 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
gcc13 CVE-2023-4039 https://nvd.nist.gov/vuln/detail/CVE-2023-4039 This hyperlink is taking you to a website outside of Dell Technologies.
postgresql CVE-2023-5868, CVE-2023-5869, CVE-2023-5870 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
util-linux CVE-2018-7738 https://nvd.nist.gov/vuln/detail/CVE-2018-7738 This hyperlink is taking you to a website outside of Dell Technologies.
openssl CVE-2023-5678 https://nvd.nist.gov/vuln/detail/CVE-2023-5678 This hyperlink is taking you to a website outside of Dell Technologies.
vim CVE-2023-46246, CVE-2023-5344, CVE-2023-5441, CVE-2023-5535 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
sqlite CVE-2023-2137 https://nvd.nist.gov/vuln/detail/CVE-2023-2137 This hyperlink is taking you to a website outside of Dell Technologies.
kernel-firmware CVE-2023-20592 https://nvd.nist.gov/vuln/detail/CVE-2023-20592 This hyperlink is taking you to a website outside of Dell Technologies.
xerces-c CVE-2023-37536, CVE-2018-1311 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
openssh CVE-2023-48795 https://nvd.nist.gov/vuln/detail/CVE-2023-48795 This hyperlink is taking you to a website outside of Dell Technologies.
gnutls CVE-2023-5981 https://nvd.nist.gov/vuln/detail/CVE-2023-5981 This hyperlink is taking you to a website outside of Dell Technologies.
pam CVE-2024-22365 https://nvd.nist.gov/vuln/detail/CVE-2024-22365 This hyperlink is taking you to a website outside of Dell Technologies.

Dell Technologies recommande à tous les clients de prendre en compte à la fois le score de base CVSS et les scores temporels et environnementaux pertinents qui peuvent avoir un impact sur la gravité potentielle associée à une faille de sécurité donnée.

Produits concernés et mesure corrective

Product Software/Firmware Affected Versions Remediated Versions Link
Cloud Tiering Appliance CTA and CTA-HA Versions prior to 13.2.0.2.27 Version 13.2.0.2.27 https://www.dell.com/support/home/product-support/product/cloud-tiering-appliance/drivers
Cloud Tiering Appliance CTA/VE and CTA-HA/VE Versions prior to 13.2.0.2.27 Version 13.2.0.2.27 https://www.dell.com/support/home/product-support/product/cloud-tiering-appliance/drivers
Product Software/Firmware Affected Versions Remediated Versions Link
Cloud Tiering Appliance CTA and CTA-HA Versions prior to 13.2.0.2.27 Version 13.2.0.2.27 https://www.dell.com/support/home/product-support/product/cloud-tiering-appliance/drivers
Cloud Tiering Appliance CTA/VE and CTA-HA/VE Versions prior to 13.2.0.2.27 Version 13.2.0.2.27 https://www.dell.com/support/home/product-support/product/cloud-tiering-appliance/drivers

Historique des révisions

RevisionDateDescription
1.02024-03-05Initial Release
2.02024-05-22Updated for enhanced presentation with no other changes to content.

Informations connexes

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Mention légale

Produits concernés

Cloud Tiering Appliance, Cloud Tiering Appliance Platform, Cloud Tiering Appliance/VE
Propriétés de l’article
Numéro d’article: 000222697
Type d’article: Dell Security Advisory
Dernière modification: 19 Sep 2025
Trouvez des réponses à vos questions auprès d’autres utilisateurs Dell
Services de support
Vérifiez si votre appareil est couvert par les services de support.