DSA-2026-152: Dell Secure Connect Gateway Security Update for Multiple Third-Party Component Vulnerabilities.

Riepilogo: Dell Secure Connect Gateway contains remediation for multiple vulnerabilities that could be exploited by malicious users to compromise the affected system.

Prodotti interessati e correzione

Dichiarazione di non responsabilità

Prodotti interessati

Questo articolo si applica a Questo articolo non si applica a Questo articolo non è legato a un prodotto specifico. Non tutte le versioni del prodotto sono identificate in questo articolo.

Scopri le altre risorse

Impatto

Critical

Dettagli

Third-Party Component	CVE	More Information
Apache	CVE-2025-48924 CVE-2025-48976	https://nvd.nist.gov/vuln/search
Apache-CXF-Not used	CVE-2022-46364 CVE-2025-23184	https://nvd.nist.gov/vuln/search
Apache-Commons-Compress-1.26.1	CVE-2024-25710	https://nvd.nist.gov/vuln/search
Apache-Tomcat-10.1.52	CVE-2023-44487 CVE-2023-46589 CVE-2024-23672 CVE-2024-24549 CVE-2024-34750 CVE-2024-38286 CVE-2024-50379 CVE-2024-52316 CVE-2024-56337 CVE-2025-24813 CVE-2025-31650 CVE-2025-48988 CVE-2025-48989 CVE-2025-49124 CVE-2025-52434 CVE-2025-52520 CVE-2025-53506 CVE-2025-55752 CVE-2025-66614 CVE-2026-24734	https://nvd.nist.gov/vuln/search
Bouncy-Castle-1.78	CVE-2022-45146 CVE-2024-30172	https://nvd.nist.gov/vuln/search
Eclipse Jetty-Not-used	CVE-2023-36478 CVE-2024-8184	https://nvd.nist.gov/vuln/search
Logback-1.5.13	CVE-2023-6378 CVE-2023-6481	https://nvd.nist.gov/vuln/search
Netty-Reactor-Netty-1.1.13	CVE-2023-34062	https://nvd.nist.gov/vuln/search
Netty-Reactor-Netty-4.1.125	CVE-2025-24970 CVE-2025-55163 CVE-2025-58056 CVE-2025-58057	https://nvd.nist.gov/vuln/search
OWASP-HTML-Sanitizer-20260102.1	CVE-2025-66021	https://nvd.nist.gov/vuln/search
Spring-Framework	CVE-2024-22243	https://nvd.nist.gov/vuln/search
Spring-Framework-6.2.10	CVE-2024-22259 CVE-2024-38816 CVE-2024-38819 CVE-2025-41242	https://nvd.nist.gov/vuln/search
apache2-2.4.58-150600.5.44.1 apache2-prefork-2.4.58-150600.5.44.1 apache2-utils-2.4.58-150600.5.44.1 apache2-worker-2.4.58-150600.5.44.1	CVE-2025-55753 CVE-2025-58098 CVE-2025-65082 CVE-2025-66200	https://nvd.nist.gov/vuln/search
curl-8.14.1-150600.4.31.1 libcurl4-8.14.1-150600.4.31.1	CVE-2025-11563	https://nvd.nist.gov/vuln/search
glib2-tools-2.78.6-150600.4.35.1 libgio-2_0-0-2.78.6-150600.4.35.1 libglib-2_0-0-2.78.6-150600.4.35.1 libgmodule-2_0-0-2.78.6-150600.4.35.1 libgobject-2_0-0-2.78.6-150600.4.35.1	CVE-2025-13601 CVE-2025-14087 CVE-2025-14512 CVE-2026-0988 CVE-2026-1484 CVE-2026-1485 CVE-2026-1489	https://nvd.nist.gov/vuln/search
glibc-2.38-150600.14.43.1 glibc-locale-2.38-150600.14.43.1 glibc-locale-base-2.38-150600.14.43.1	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915	https://nvd.nist.gov/vuln/search
gpg2-2.4.4-150600.3.15.1	CVE-2025-68973 CVE-2026-24882	https://nvd.nist.gov/vuln/search
jose4j-Not-used	CVE-2023-51775 CVE-2024-29371	https://nvd.nist.gov/vuln/search
json-smart-2.5.2	CVE-2023-1370 CVE-2024-57699	https://nvd.nist.gov/vuln/search
krb5-1.20.1-150600.11.14.1	CVE-2025-3576	https://nvd.nist.gov/vuln/search
libexpat1-2.7.1-150400.3.31.1	CVE-2025-59375	https://nvd.nist.gov/vuln/search
libglib-2_0-0-2.78.6-150600.4.35.1	CVE-2025-7039	https://nvd.nist.gov/vuln/search
libgnutls30-3.8.3-150600.4.12.1	CVE-2025-9820	https://nvd.nist.gov/vuln/search
libopenssl-3-fips-provider-3.1.4-150600.5.42.1 libopenssl1_1-1.1.1w-150600.5.21.1 libopenssl3-3.1.4-150600.5.42.1 openssl-3-3.1.4-150600.5.42.1	CVE-2025-68160 CVE-2025-69418 CVE-2025-69419 CVE-2025-69420 CVE-2025-69421 CVE-2026-22795 CVE-2026-22796	https://nvd.nist.gov/vuln/search
libopenssl-3-fips-provider-3.1.4-150600.5.42.1 libopenssl3-3.1.4-150600.5.42.1 openssl-3-3.1.4-150600.5.42.1	CVE-2025-15467	https://nvd.nist.gov/vuln/search
libpng16-16-1.6.40-150600.3.12.1	CVE-2025-28162 CVE-2025-28164 CVE-2025-64505 CVE-2025-64506 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-22695 CVE-2026-22801 CVE-2026-25646	https://nvd.nist.gov/vuln/search
libpq5-18.1-150600.13.3.1 postgresql17-17.7-150600.13.19.1 postgresql17-server-17.7-150600.13.19.1	CVE-2025-12817 CVE-2025-12818	https://nvd.nist.gov/vuln/search
libpython3_11-1_0-3.11.14-150600.3.44.1 libpython3_12-1_0-3.12.12-150600.3.43.1 libpython3_6m1_0-3.6.15-150300.10.106.1 python3-base-3.6.15-150300.10.106.1 python311-base-3.11.14-150600.3.44.1 python311-tools-3.11.14-150600.3.44.1 python312-3.12.12-150600.3.43.1 python312-base-3.12.12-150600.3.43.1	CVE-2025-11468 CVE-2025-12084 CVE-2025-13836 CVE-2025-13837 CVE-2025-15282 CVE-2025-15366 CVE-2025-15367 CVE-2026-0672 CVE-2026-0865	https://nvd.nist.gov/vuln/search
libpython3_11-1_0-3.11.14-150600.3.44.1 libpython3_12-1_0-3.12.12-150600.3.43.1 python311-base-3.11.14-150600.3.44.1 python311-tools-3.11.14-150600.3.44.1 python312-3.12.12-150600.3.43.1 python312-base-3.12.12-150600.3.43.1	CVE-2025-12781	https://nvd.nist.gov/vuln/search
libpython3_12-1_0-3.12.12-150600.3.43.1 python312-3.12.12-150600.3.43.1 python312-base-3.12.12-150600.3.43.1	CVE-2025-6075 CVE-2025-8291 CVE-2026-1299	https://nvd.nist.gov/vuln/search
openssh-9.6p1-150600.6.34.1 openssh-clients-9.6p1-150600.6.34.1 openssh-common-9.6p1-150600.6.34.1 openssh-fips-9.6p1-150600.6.34.1 openssh-server-9.6p1-150600.6.34.1	CVE-2025-61984 CVE-2025-61985	https://nvd.nist.gov/vuln/search
pgJDBC-42.7.3	CVE-2024-1597	https://nvd.nist.gov/vuln/search
OpenSSL 3.1.4	CVE-2024-40896 CVE-2025-11187 CVE-2025-15469 CVE-2025-66199 CVE-2025-11563 CVE-2025-61984 CVE-2025-48795 CVE-2025-48734 CVE-2025-41249	https://nvd.nist.gov/vuln/search
libxml2 2.12.10 / 2.13.6	CVE-2024-55549 CVE-2025-10911 CVE-2025-24855	https://nvd.nist.gov/vuln/search
Libxslt 1.1.38+	CVE-2024-56171	https://nvd.nist.gov/vuln/search
	CVE-2025-7424
	CVE-2025-7425
	CVE-2025-8732
	CVE-2025-24928
OpenSSL Libraries 3.1.4	CVE-2025-27113	https://nvd.nist.gov/vuln/search
	CVE-2025-32414
	CVE-2025-32415
	CVE-2025-6021

Dell Technologies raccomanda a tutti i clienti di prendere in considerazione sia il punteggio base CVSS, sia ogni eventuale punteggio temporale o ambientale che possa avere effetti sul livello di gravità potenziale associato a una specifica vulnerabilità di sicurezza.

Prodotti interessati e correzione

Product	Affected Version	Updated Version	Link
Dell Secure Connect Gateway -Appliance	Versions Prior to 5.34.00.16	5.34.00.16 or later	https://www.dell.com/support/product-details/product/secure-connect-gateway-ve/drivers

Product	Affected Version	Updated Version	Link
Dell Secure Connect Gateway -Appliance	Versions Prior to 5.34.00.16	5.34.00.16 or later	https://www.dell.com/support/product-details/product/secure-connect-gateway-ve/drivers

Dell recommends keeping the Secure Connect Gateway Application and Secure Connect Gateway Appliance updated to the latest version.

Cronologia delle revisioni

Revision	Date	Description
1.0	2026-03-23	Initial Release

Informazioni correlate

Dichiarazione di non responsabilità

Prodotti interessati

Secure Connect Gateway, Secure Connect Gateway - Virtual Edition

Numero articolo: 000443243

Tipo di articolo: Dell Security Advisory

Ultima modifica: 23 mar 2026

Verifica che il dispositivo sia coperto dai Servizi di supporto.

DSA-2026-152: Dell Secure Connect Gateway Security Update for Multiple Third-Party Component Vulnerabilities.

Riepilogo: Dell Secure Connect Gateway contains remediation for multiple vulnerabilities that could be exploited by malicious users to compromise the affected system.

Impatto

Dettagli

Prodotti interessati e correzione

Cronologia delle revisioni

Informazioni correlate

Dichiarazione di non responsabilità

Prodotti interessati

Impatto

Dettagli

Prodotti interessati e correzione

Cronologia delle revisioni

Informazioni correlate

Dichiarazione di non responsabilità

Prodotti interessati

Proprietà dell'articolo

Trova risposta alle tue domande dagli altri utenti Dell

Support Services

Proprietà dell'articolo

Trova risposta alle tue domande dagli altri utenti Dell

Support Services

DSA-2026-152: Dell Secure Connect Gateway Security Update for Multiple Third-Party Component Vulnerabilities.

Riepilogo: Dell Secure Connect Gateway contains remediation for multiple vulnerabilities that could be exploited by malicious users to compromise the affected system.

Articolo dettagliato

Impatto

Dettagli

Prodotti interessati e correzione

Cronologia delle revisioni

Informazioni correlate

Dichiarazione di non responsabilità

Prodotti interessati

Impatto

Dettagli

Prodotti interessati e correzione

Cronologia delle revisioni

Informazioni correlate

Dichiarazione di non responsabilità

Prodotti interessati

Proprietà dell'articolo

Trova risposta alle tue domande dagli altri utenti Dell

Support Services

Proprietà dell'articolo

Trova risposta alle tue domande dagli altri utenti Dell

Support Services