DSA-2024-461: Security Update for Dell PowerProtect Data Manager Multiple Third-Party Component Vulnerabilities

Riepilogo: Dell PowerProtect Data Manager remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

Prodotti interessati e correzione

Dichiarazione di non responsabilità

Prodotti interessati

Questo articolo si applica a Questo articolo non si applica a Questo articolo non è legato a un prodotto specifico. Non tutte le versioni del prodotto sono identificate in questo articolo.

Scopri le altre risorse

Impatto

Critical

Dettagli

Third-Party Component	CVEs	More Information
azure-sdk-for-net 1.5.4	CVE-2024-35255	See NVD link below for individual scores for each CVE. https://nvd.nist.gov/
jackson-databind 2.15.3	CVE-2023-35116	See NVD link below for individual scores for each CVE. https://nvd.nist.gov/
Apache CXF 3.6.3 and 4.0.4	CVE-2024-32007	See NVD link below for individual scores for each CVE. https://nvd.nist.gov/
json-path 2.7.0	CVE-2023-51074	See NVD link below for individual scores for each CVE. https://nvd.nist.gov/
Gunicorn 20.0.4	CVE-2024-1135	See NVD link below for individual scores for each CVE. https://nvd.nist.gov/
libcurl	CVE-2024-2398, CVE-2024-2004	See NVD link below for individual scores for each CVE. https://nvd.nist.gov/
Logback 1.2.12	CVE-2023-6481, CVE-2023-6378	See NVD link below for individual scores for each CVE. https://nvd.nist.gov/
RabbitMQ amqp-client 5.14.3	CVE-2023-46120	See NVD link below for individual scores for each CVE. https://nvd.nist.gov/
RESTEasy 4.6.2. Final	CVE-2023-0482	See NVD link below for individual scores for each CVE. https://nvd.nist.gov/
Simple XML 2.7.1	CVE-2017-1000190	See NVD link below for individual scores for each CVE. https://nvd.nist.gov/
SnakeYAML 1.30	CVE-2022-1471, CVE-2022-25857, CVE-2022-38749, CVE-2022-41854, CVE-2022-38751, CVE-2022-38752, CVE-2022-38750	See NVD link below for individual scores for each CVE. https://nvd.nist.gov/
Spring Framework 5.3.31 and 5.3.34	CVE-2016-1000027	See NVD link below for individual scores for each CVE. https://nvd.nist.gov/
Async 3.2.5	CVE-2024-39249	See NVD link below for individual scores for each CVE. https://nvd.nist.gov/
express/4.19.2	CVE-2024-43796	See NVD link below for individual scores for each CVE. https://nvd.nist.gov/
Node.js 20.11.1	CVE-2024-27980, CVE-2024-22020, CVE-2024-36137, CVE-2024-22018, CVE-2024-37372, CVE-2024-27983, CVE-2024-27982	See NVD link below for individual scores for each CVE. https://nvd.nist.gov/
java-17-openjdk-headless 17.0.12.0-150400.3.45.1	CVE-2024-21131, CVE-2024-21138, CVE-2024-21140, CVE-2024-21145, CVE-2024-21147	See NVD link below for individual scores for each CVE. https://nvd.nist.gov/
xen-libs 4.16.6_04-150400.4.62.1	CVE-2023-46841, CVE-2023-46842, CVE-2024-2193, CVE-2024-2201, CVE-2024-31142, CVE-2024-31143, CVE-2024-31145, CVE-2024-31146, CVE-2024-45817	See NVD link below for individual scores for each CVE. https://nvd.nist.gov/
docker-rootless-extras 25.0.6_ce-150000.207.1 docker 25.0.6_ce-150000.207.1	CVE-2024-41110	See NVD link below for individual scores for each CVE. https://nvd.nist.gov/
libpq5 16.4-150200.5.16.1 postgresql14-server 14.13-150200.5.47.1	CVE-2024-4317, CVE-2024-7348	See NVD link below for individual scores for each CVE. https://nvd.nist.gov/
containerd 1.7.21-150000.117.1	CVE-2022-1996, CVE-2023-45142, CVE-2023-47108	See NVD link below for individual scores for each CVE. https://nvd.nist.gov/
python3-setuptools 44.1.1-150400.9.9.1	CVE-2024-6345	See NVD link below for individual scores for each CVE. https://nvd.nist.gov/
runc 1.1.14-150000.70.1	CVE-2024-45310	See NVD link below for individual scores for each CVE. https://nvd.nist.gov/
kernel-default 5.14.21-150400.24.136.1	CVE-2021-4439, CVE-2021-4441, CVE-2021-47555, CVE-2021-47571, CVE-2021-47576, CVE-2021-47578, CVE-2021-47580, CVE-2021-47582, CVE-2021-47583, CVE-2021-47584, CVE-2021-47585, CVE-2021-47586, CVE-2021-47587, CVE-2021-47589, CVE-2021-47592, CVE-2021-47596, CVE-2021-47597, CVE-2021-47598, CVE-2021-47600, CVE-2021-47601, CVE-2021-47602, CVE-2021-47603, CVE-2021-47607, CVE-2021-47609, CVE-2021-47611, CVE-2021-47612, CVE-2021-47614, CVE-2021-47615, CVE-2021-47616, CVE-2021-47617, CVE-2021-47618, CVE-2021-47619, CVE-2021-47620, CVE-2021-47622, CVE-2021-47624, CVE-2022-48712, CVE-2022-48713, CVE-2022-48715, CVE-2022-48717, CVE-2022-48720, CVE-2022-48721, CVE-2022-48722, CVE-2022-48723, CVE-2022-48724, CVE-2022-48725, CVE-2022-48726, CVE-2022-48727, CVE-2022-48728, CVE-2022-48729, CVE-2022-48730, CVE-2022-48732, CVE-2022-48734, CVE-2022-48735, CVE-2022-48736, CVE-2022-48737, CVE-2022-48738, CVE-2022-48739, CVE-2022-48740, CVE-2022-48743, CVE-2022-48744, CVE-2022-48745, CVE-2022-48746, CVE-2022-48747, CVE-2022-48749, CVE-2022-48751, CVE-2022-48752, CVE-2022-48754, CVE-2022-48756, CVE-2022-48758, CVE-2022-48759, CVE-2022-48760, CVE-2022-48761, CVE-2022-48763, CVE-2022-48765, CVE-2022-48767, CVE-2022-48768, CVE-2022-48769, CVE-2022-48773, CVE-2022-48774, CVE-2022-48775, CVE-2022-48776, CVE-2022-48777, CVE-2022-48778, CVE-2022-48780, CVE-2022-48783, CVE-2022-48784, CVE-2022-48786, CVE-2022-48787, CVE-2022-48788, CVE-2022-48789, CVE-2022-48790, CVE-2022-48791, CVE-2022-48792, CVE-2022-48793, CVE-2022-48794, CVE-2022-48796, CVE-2022-48797, CVE-2022-48798, CVE-2022-48799, CVE-2022-48800, CVE-2022-48801, CVE-2022-48803, CVE-2022-48804, CVE-2022-48805, CVE-2022-48806, CVE-2022-48807, CVE-2022-48811, CVE-2022-48812, CVE-2022-48813, CVE-2022-48814, CVE-2022-48815, CVE-2022-48816, CVE-2022-48817, CVE-2022-48818, CVE-2022-48820, CVE-2022-48821, CVE-2022-48822, CVE-2022-48823, CVE-2022-48824, CVE-2022-48825, CVE-2022-48826, CVE-2022-48827, CVE-2022-48828, CVE-2022-48829, CVE-2022-48830, CVE-2022-48831, CVE-2022-48834, CVE-2022-48835, CVE-2022-48836, CVE-2022-48837, CVE-2022-48838, CVE-2022-48840, CVE-2022-48841, CVE-2022-48842, CVE-2022-48843, CVE-2022-48849, CVE-2022-48851, CVE-2022-48856, CVE-2022-48857, CVE-2022-48858, CVE-2022-48859, CVE-2022-48860, CVE-2022-48861, CVE-2022-48862, CVE-2022-48863, CVE-2022-48866, CVE-2022-48868, CVE-2022-48870, CVE-2022-48871, CVE-2022-48872, CVE-2022-48873, CVE-2022-48875, CVE-2022-48878, CVE-2022-48880, CVE-2022-48890, CVE-2022-48891, CVE-2022-48896, CVE-2022-48898, CVE-2022-48899, CVE-2022-48903, CVE-2022-48904, CVE-2022-48905, CVE-2022-48907, CVE-2022-48909, CVE-2022-48911, CVE-2022-48912, CVE-2022-48913, CVE-2022-48914, CVE-2022-48915, CVE-2022-48916, CVE-2022-48917, CVE-2022-48918, CVE-2022-48919, CVE-2022-48921, CVE-2022-48923, CVE-2022-48924, CVE-2022-48925, CVE-2022-48926, CVE-2022-48927, CVE-2022-48928, CVE-2022-48930, CVE-2022-48931, CVE-2022-48932, CVE-2022-48934, CVE-2022-48935, CVE-2022-48937, CVE-2022-48938, CVE-2022-48941, CVE-2022-48942, CVE-2022-48943, CVE-2022-48944, CVE-2022-48945, CVE-2023-24023, CVE-2023-52489, CVE-2023-52670, CVE-2023-52752, CVE-2023-52762, CVE-2023-52837, CVE-2023-52846, CVE-2023-52881, CVE-2023-52885, CVE-2023-52893, CVE-2023-52894, CVE-2023-52896, CVE-2023-52898, CVE-2023-52900, CVE-2023-52901, CVE-2023-52905, CVE-2023-52907, CVE-2023-52911, CVE-2024-26583, CVE-2024-26584, CVE-2024-26745, CVE-2024-26800, CVE-2024-26813, CVE-2024-26814, CVE-2024-26923, CVE-2024-26976, CVE-2024-35789, CVE-2024-35861, CVE-2024-35862, CVE-2024-35864, CVE-2024-35869, CVE-2024-35901, CVE-2024-35950, CVE-2024-36894, CVE-2024-36899, CVE-2024-36904, CVE-2024-36940, CVE-2024-36964, CVE-2024-36971, CVE-2024-36974, CVE-2024-38541, CVE-2024-38545, CVE-2024-38555, CVE-2024-38559, CVE-2024-38560, CVE-2024-38564, CVE-2024-38578, CVE-2024-39463, CVE-2024-39494, CVE-2024-40902, CVE-2024-40910, CVE-2024-40937, CVE-2024-40954, CVE-2024-40956, CVE-2024-40989, CVE-2024-40994, CVE-2024-41009, CVE-2024-41011, CVE-2024-41012, CVE-2024-41059, CVE-2024-41062, CVE-2024-41069, CVE-2024-41087, CVE-2024-41090, CVE-2024-42077, CVE-2024-42093, CVE-2024-42126, CVE-2024-42145, CVE-2024-42230, CVE-2024-42232, CVE-2024-42271, CVE-2024-42301, CVE-2024-43853, CVE-2024-43861, CVE-2024-43882, CVE-2024-43883, CVE-2024-44938, CVE-2024-44946, CVE-2024-44947, CVE-2024-45003, CVE-2024-45021, CVE-2024-46674, CVE-2024-46774	See NVD link below for individual scores for each CVE. https://nvd.nist.gov/
bind-utils 9.16.50-150400.5.43.1 python3-bind 9.16.50-150400.5.43.1	CVE-2024-1737, CVE-2024-1975, CVE-2024-4076	See NVD link below for individual scores for each CVE. https://nvd.nist.gov/
libpcap1 1.10.1-150400.3.6.2	CVE-2023-7256, CVE-2024-8006	See NVD link below for individual scores for each CVE. https://nvd.nist.gov/
login_defs 4.8.1-150400.10.18.1 shadow 4.8.1-150400.10.18.1	CVE-2013-4235	See NVD link below for individual scores for each CVE. https://nvd.nist.gov/
emacs-info 27.2-150400.3.17.1 emacs-nox 27.2-150400.3.17.1 emacs 27.2-150400.3.17.1 etags 27.2-150400.3.17.1	CVE-2024-39331	See NVD link below for individual scores for each CVE. https://nvd.nist.gov/
krb5 1.19.2-150400.3.12.1	CVE-2024-37370, CVE-2024-37371	See NVD link below for individual scores for each CVE. https://nvd.nist.gov/
libopenssl1_1-hmac 1.1.1l-150400.7.72.1 libopenssl1_1 1.1.1l-150400.7.72.1 openssl-1_1 1.1.1l-150400.7.72.1	CVE-2024-5535	See NVD link below for individual scores for each CVE. https://nvd.nist.gov/
git-core 2.35.3-150300.10.45.2	CVE-2024-24577	See NVD link below for individual scores for each CVE. https://nvd.nist.gov/
curl 8.0.1-150400.5.53.2 libcurl4 8.0.1-150400.5.53.2	CVE-2024-7264, CVE-2024-8096	See NVD link below for individual scores for each CVE. https://nvd.nist.gov/
libpython3_6m1_0 3.6.15-150300.10.72.1 python3-base 3.6.15-150300.10.72.1 python3-curses 3.6.15-150300.10.72.1 python3-dbm 3.6.15-150300.10.72.1 python3-dbm 3.6.15-150300.10.72.1 python3 3.6.15-150300.10.72.1	CVE-2024-0397, CVE-2024-0450, CVE-2024-4032, CVE-2024-5642, CVE-2024-6232, CVE-2024-6923, CVE-2024-7592	See NVD link below for individual scores for each CVE. https://nvd.nist.gov/
libncurses6 6.1-150000.5.27.1 ncurses-utils 6.1-150000.5.27.1 terminfo-base 6.1-150000.5.27.1 terminfo-iterm 6.1-150000.5.27.1 terminfo-screen 6.1-150000.5.27.1 terminfo 6.1-150000.5.27.1	CVE-2023-45918	See NVD link below for individual scores for each CVE. https://nvd.nist.gov/
ucode-intel 20240910-150200.47.1	CVE-2023-42667, CVE-2023-49141, CVE-2024-23984, CVE-2024-24853, CVE-2024-24968, CVE-2024-24980, CVE-2024-25939	See NVD link below for individual scores for each CVE. https://nvd.nist.gov/

Dell Technologies raccomanda a tutti i clienti di prendere in considerazione sia il punteggio base CVSS, sia ogni eventuale punteggio temporale o ambientale che possa avere effetti sul livello di gravità potenziale associato a una specifica vulnerabilità di sicurezza.

Prodotti interessati e correzione

Product	Affected Versions	Remediated Versions	Link
Dell PowerProtect Data Manager	Versions prior to 19.17	19.18 or later	PPDM 19.18 drivers and downloads

Product	Affected Versions	Remediated Versions	Link
Dell PowerProtect Data Manager	Versions prior to 19.17	19.18 or later	PPDM 19.18 drivers and downloads

Cronologia delle revisioni

Revision	Date	Description
1.0	2024-11-13	Initial Release
2.0	2025-01-29	Updated for enhanced presentation with no changes to content

Informazioni correlate

Dichiarazione di non responsabilità

Prodotti interessati

PowerProtect Data Manager

Numero articolo: 000248226

Tipo di articolo: Dell Security Advisory

Ultima modifica: 29 gen 2025

Verifica che il dispositivo sia coperto dai Servizi di supporto.

DSA-2024-461: Security Update for Dell PowerProtect Data Manager Multiple Third-Party Component Vulnerabilities

Riepilogo: Dell PowerProtect Data Manager remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

Impatto

Dettagli

Prodotti interessati e correzione

Cronologia delle revisioni

Informazioni correlate

Dichiarazione di non responsabilità

Prodotti interessati

Impatto

Dettagli

Prodotti interessati e correzione

Cronologia delle revisioni

Informazioni correlate

Dichiarazione di non responsabilità

Prodotti interessati

Proprietà dell'articolo

Trova risposta alle tue domande dagli altri utenti Dell

Support Services

Proprietà dell'articolo

Trova risposta alle tue domande dagli altri utenti Dell

Support Services

DSA-2024-461: Security Update for Dell PowerProtect Data Manager Multiple Third-Party Component Vulnerabilities

Riepilogo: Dell PowerProtect Data Manager remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

Articolo dettagliato

Impatto

Dettagli

Prodotti interessati e correzione

Cronologia delle revisioni

Informazioni correlate

Dichiarazione di non responsabilità

Prodotti interessati

Impatto

Dettagli

Prodotti interessati e correzione

Cronologia delle revisioni

Informazioni correlate

Dichiarazione di non responsabilità

Prodotti interessati

Proprietà dell'articolo

Trova risposta alle tue domande dagli altri utenti Dell

Support Services

Proprietà dell'articolo

Trova risposta alle tue domande dagli altri utenti Dell

Support Services