DSA-2024-010: Security Update for Dell Data Protection Central for Multiple Third-Party Vulnerabilities

概要: Dell Data Protection Central remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

この記事は次に適用されます: この記事は次には適用されません: この記事は、特定の製品に関連付けられていません。 すべての製品パージョンがこの記事に記載されているわけではありません。
他のリソースを確認する

影響

Critical

詳細

Third-party Component CVEs More Information
IAM service
 		 CVE-2023-36054, CVE-2023-4039, CVE-2023-38039, CVE-2023-25193, CVE-2018-9234, CVE-2023-40217, CVE-2023-31484, CVE-2023-21930, CVE-2023-34035, CVE-2023-24329, CVE-2023-28322 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
node.js CVE-2022-35255, CVE-2023-32002, CVE-2022-43548, CVE-2023-30589, CVE-2023-23918, CVE-2022-32212 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
Apache Tomcat CVE-2023-28709 https://nvd.nist.gov/vuln/detail/CVE-2023-28709 This hyperlink is taking you to a website outside of Dell Technologies.
get-func-name CVE-2023-43646 https://nvd.nist.gov/vuln/detail/CVE-2023-43646 This hyperlink is taking you to a website outside of Dell Technologies.
google guava CVE-2023-2976 https://nvd.nist.gov/vuln/detail/CVE-2023-2976 This hyperlink is taking you to a website outside of Dell Technologies.
cookiejar CVE-2022-25901 https://nvd.nist.gov/vuln/detail/CVE-2022-25901 This hyperlink is taking you to a website outside of Dell Technologies.
semver CVE-2022-25883 https://nvd.nist.gov/vuln/detail/CVE-2022-25883 This hyperlink is taking you to a website outside of Dell Technologies.
Okio CVE-2023-3635 https://nvd.nist.gov/vuln/detail/CVE-2023-3635 This hyperlink is taking you to a website outside of Dell Technologies.
spring boot CVE-2023-20873, CVE-2023-20883 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
spring security CVE-2023-34034 https://nvd.nist.gov/vuln/detail/CVE-2023-34034) This hyperlink is taking you to a website outside of Dell Technologies.

デル・テクノロジーズでは、すべてのお客様に対して、CVSSベース スコアに加えて、特定のセキュリティの脆弱性に付随する潜在的な重要度に影響する可能性のある現状スコアや環境スコアも考慮することをお勧めしています。

影響を受ける製品と修復

Product Software/Firmware Affected Versions Remediated Versions Link
Dell Data Protection Central Data Protection Central OS Update (SUSE SLES 12 SP5) Version 19.10 Version 19.10.0-4 Data Protection Central 19.10.0-4
Product Software/Firmware Affected Versions Remediated Versions Link
Dell Data Protection Central Data Protection Central OS Update (SUSE SLES 12 SP5) Version 19.10 Version 19.10.0-4 Data Protection Central 19.10.0-4
Platform: SUSE Linux Enterprise Server 12 SP5
See the latest ‘Dell Data Protection Central 19.10 Release Notes’ in Dell Data Protection Central 19.10 Release Notes | Dell US

変更履歴

RevisionDateDescription
1.02024-01-17Initial Release

関連情報

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

法的免責事項

対象製品

Data Protection Central
文書のプロパティ
文書番号: 000221194
文書の種類: Dell Security Advisory
最終更新: 19 9月 2025
質問に対する他のDellユーザーからの回答を見つける
サポート サービス
お使いのデバイスがサポート サービスの対象かどうかを確認してください。