DSA-2024-010: Security Update for Dell Data Protection Central for Multiple Third-Party Vulnerabilities

Résumé: Dell Data Protection Central remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

Cet article concerne Cet article ne concerne pas Cet article n’est associé à aucun produit spécifique. Toutes les versions du produit ne sont pas identifiées dans cet article.
Consulter d’autres ressources

Impact

Critical

Détails

Third-party Component CVEs More Information
IAM service
 		 CVE-2023-36054, CVE-2023-4039, CVE-2023-38039, CVE-2023-25193, CVE-2018-9234, CVE-2023-40217, CVE-2023-31484, CVE-2023-21930, CVE-2023-34035, CVE-2023-24329, CVE-2023-28322 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
node.js CVE-2022-35255, CVE-2023-32002, CVE-2022-43548, CVE-2023-30589, CVE-2023-23918, CVE-2022-32212 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
Apache Tomcat CVE-2023-28709 https://nvd.nist.gov/vuln/detail/CVE-2023-28709 This hyperlink is taking you to a website outside of Dell Technologies.
get-func-name CVE-2023-43646 https://nvd.nist.gov/vuln/detail/CVE-2023-43646 This hyperlink is taking you to a website outside of Dell Technologies.
google guava CVE-2023-2976 https://nvd.nist.gov/vuln/detail/CVE-2023-2976 This hyperlink is taking you to a website outside of Dell Technologies.
cookiejar CVE-2022-25901 https://nvd.nist.gov/vuln/detail/CVE-2022-25901 This hyperlink is taking you to a website outside of Dell Technologies.
semver CVE-2022-25883 https://nvd.nist.gov/vuln/detail/CVE-2022-25883 This hyperlink is taking you to a website outside of Dell Technologies.
Okio CVE-2023-3635 https://nvd.nist.gov/vuln/detail/CVE-2023-3635 This hyperlink is taking you to a website outside of Dell Technologies.
spring boot CVE-2023-20873, CVE-2023-20883 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
spring security CVE-2023-34034 https://nvd.nist.gov/vuln/detail/CVE-2023-34034) This hyperlink is taking you to a website outside of Dell Technologies.

Dell Technologies recommande à tous les clients de prendre en compte à la fois le score de base CVSS et les scores temporels et environnementaux pertinents qui peuvent avoir un impact sur la gravité potentielle associée à une faille de sécurité donnée.

Produits concernés et mesure corrective

Product Software/Firmware Affected Versions Remediated Versions Link
Dell Data Protection Central Data Protection Central OS Update (SUSE SLES 12 SP5) Version 19.10 Version 19.10.0-4 Data Protection Central 19.10.0-4
Product Software/Firmware Affected Versions Remediated Versions Link
Dell Data Protection Central Data Protection Central OS Update (SUSE SLES 12 SP5) Version 19.10 Version 19.10.0-4 Data Protection Central 19.10.0-4
Platform: SUSE Linux Enterprise Server 12 SP5
See the latest ‘Dell Data Protection Central 19.10 Release Notes’ in Dell Data Protection Central 19.10 Release Notes | Dell US

Historique des révisions

RevisionDateDescription
1.02024-01-17Initial Release

Informations connexes

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Mention légale

Produits concernés

Data Protection Central
Propriétés de l’article
Numéro d’article: 000221194
Type d’article: Dell Security Advisory
Dernière modification: 19 Sep 2025
Trouvez des réponses à vos questions auprès d’autres utilisateurs Dell
Services de support
Vérifiez si votre appareil est couvert par les services de support.