DSA-2024-253: Dell Secure Connect Gateway Security Update for Multiple Third-Party Component Vulnerabilities

상세한 문서

영향

영향을 받는 제품 및 문제 해결

해결 방법 및 완화 방안

개정 내역

요약: Dell Secure Connect Gateway contains remediation for multiple vulnerabilities that could be exploited by malicious users to compromise the affected system.

이 문서는 다음에 적용됩니다. 이 문서는 다음에 적용되지 않습니다. 이 문서는 특정 제품과 관련이 없습니다. 모든 제품 버전이 이 문서에 나와 있는 것은 아닙니다.

기타 리소스 확인

영향

Critical

세부 정보

Third-Party Component	CVEs	More information
Apache	CVE-2023-38709, CVE-2024-24795, CVE-2024-27316	See SUSE link below for individual scores for each CVE. https://www.suse.com/security/cve/
Apache Tomcat	CVE-2024-23672, CVE-2024-24549	See NVD link below for individual scores for each CVE. http://nvd.nist.gov/
Bouncy Castle	CVE-2024-30172	See NVD link below for individual scores for each CVE. http://nvd.nist.gov/
Cpio	CVE-2023-7207	See SUSE link below for individual scores for each CVE. https://www.suse.com/security/cve/
Commons Compress	CVE-2024-25710	See NVD link below for individual scores for each CVE. http://nvd.nist.gov/
Containerd	CVE-2022-1996	See SUSE link below for individual scores for each CVE. https://www.suse.com/security/cve/
Curl	CVE-2024-2004, CVE-2024-2398	See SUSE link below for individual scores for each CVE. https://www.suse.com/security/cve/
Docker	CVE-2024-23651, CVE-2024-23652, CVE-2024-23653	See SUSE link below for individual scores for each CVE. https://www.suse.com/security/cve/
Glibc	CVE-2024-2961	See SUSE link below for individual scores for each CVE. https://www.suse.com/security/cve/
Less	CVE-2022-48624, CVE-2024-32487	See SUSE link below for individual scores for each CVE. https://www.suse.com/security/cve/
libncurses	CVE-2023-45918	See SUSE link below for individual scores for each CVE. https://www.suse.com/security/cve/
libssh	CVE-2019-14889, CVE-2020-1730, CVE-2021-3634, CVE-2023-2283, CVE-2023-6004, CVE-2023-6918	See SUSE link below for individual scores for each CVE. https://www.suse.com/security/cve/
libxml2	CVE-2024-25062	See SUSE link below for individual scores for each CVE. https://www.suse.com/security/cve/
libblkid1	CVE-2024-28085	See SUSE link below for individual scores for each CVE. https://www.suse.com/security/cve/
Kernel	CVE-2019-25162, CVE-2020-36777, CVE-2020-36784, CVE-2021-46906, CVE-2021-46915, CVE-2021-46921, CVE-2021-46924, CVE-2021-46929, CVE-2021-46932, CVE-2021-46953, CVE-2021-46974, CVE-2021-46991, CVE-2021-46992, CVE-2021-47013, CVE-2021-47054, CVE-2021-47076, CVE-2021-47077, CVE-2021-47078, CVE-2022-20154, CVE-2022-48627, CVE-2023-28746, CVE-2023-35827, CVE-2023-46343, CVE-2023-52340, CVE-2023-52429, CVE-2023-52445, CVE-2023-52449, CVE-2023-52451, CVE-2023-52464, CVE-2023-52475, CVE-2023-52478, CVE-2023-52482, CVE-2023-52502, CVE-2023-52530, CVE-2023-52531, CVE-2023-52532, CVE-2023-52574, CVE-2023-52597, CVE-2023-52605, CVE-2024-0607, CVE-2024-1086, CVE-2024-1151, CVE-2024-23849, CVE-2024-23851, CVE-2024-26585, CVE-2024-26595, CVE-2024-26600, CVE-2024-26622	See SUSE link below for individual scores for each CVE. https://www.suse.com/security/cve/
Krb5	CVE-2024-26458, CVE-2024-26461	See SUSE link below for individual scores for each CVE. https://www.suse.com/security/cve/
NGHTTP2	CVE-2024-28182	See SUSE link below for individual scores for each CVE. https://www.suse.com/security/cve/
Open JDK	CVE-2024-20918, CVE-2024-20919, CVE-2024-20921	See SUSE link below for individual scores for each CVE. https://www.suse.com/security/cve/
Open SSL	CVE-2024-0727, CVE-2024-2511	See SUSE link below for individual scores for each CVE. https://www.suse.com/security/cve/
Open SSH	CVE-2023-51385	See SUSE link below for individual scores for each CVE. https://www.suse.com/security/cve/
Postgresql	CVE-2024-1597	See SUSE link below for individual scores for each CVE. https://www.suse.com/security/cve/
Shim	CVE-2022-28737, CVE-2023-40546, CVE-2023-40547, CVE-2023-40548, CVE-2023-40549, CVE-2023-40550, CVE-2023-40551	See SUSE link below for individual scores for each CVE. https://www.suse.com/security/cve/
Spring Framework	CVE-2024-22243, CVE-2024-22259	See NVD link below for individual scores for each CVE. http://nvd.nist.gov/
Sudo	CVE-2023-42465	See SUSE link below for individual scores for each CVE. https://www.suse.com/security/cve/
Sysuser-shadow	CVE-2016-9566, CVE-2019-3698	See SUSE link below for individual scores for each CVE. https://www.suse.com/security/cve/
util-linux	CVE-2024-28085	See SUSE link below for individual scores for each CVE. https://www.suse.com/security/cve/
Vim	CVE-2023-4750, CVE-2023-48231, CVE-2023-48232, CVE-2023-48233, CVE-2023-48234, CVE-2023-48235, CVE-2023-48236, CVE-2023-48237, CVE-2023-48706, CVE-2024-22667	See SUSE link below for individual scores for each CVE. https://www.suse.com/security/cve/

Dell Technologies는 모든 고객이 CVSS 기본 점수와 관련 임시 및 환경 점수를 모두 고려할 것을 권장합니다. 이 경우 특정 보안 취약성과 관련된 잠재적인 심각도에 영향을 미칠 수 있습니다.

영향을 받는 제품 및 문제 해결

CVEs Addressed	Product	Affected Versions	Updated Version	Link to Update
CVE-2016-9566, CVE-2019-3698, CVE-2019-14889, CVE-2020-1730, CVE-2021-3634, CVE-2023-2283, CVE-2023-6004, CVE-2023-6918, CVE-2019-25162, CVE-2020-36777, CVE-2020-36784, CVE-2021-46906, CVE-2021-46915, CVE-2021-46921, CVE-2021-46924, CVE-2021-46929, CVE-2021-46932, CVE-2021-46953, CVE-2021-46974, CVE-2021-46991, CVE-2021-46992, CVE-2021-47013, CVE-2021-47054, CVE-2021-47076, CVE-2021-47077, CVE-2021-47078, CVE-2022-20154, CVE-2022-48627, CVE-2023-28746, CVE-2023-35827, CVE-2023-46343, CVE-2023-52340, CVE-2023-52429, CVE-2023-52445, CVE-2023-52449, CVE-2023-52451, CVE-2023-52464, CVE-2023-52475, CVE-2023-52478, CVE-2023-52482, CVE-2023-52502, CVE-2023-52530, CVE-2023-52531, CVE-2023-52532, CVE-2023-52574, CVE-2023-52597, CVE-2023-52605, CVE-2024-0607, CVE-2024-1086, CVE-2024-1151, CVE-2024-23849, CVE-2024-23851, CVE-2024-26585, CVE-2024-26595, CVE-2024-26600, CVE-2024-26622, CVE-2022-1996, CVE-2022-28737, CVE-2023-40546, CVE-2023-40547, CVE-2023-40548, CVE-2023-40549, CVE-2023-40550, CVE-2023-40551, CVE-2022-48624, CVE-2024-32487, CVE-2023-4750, CVE-2023-48231, CVE-2023-48232, CVE-2023-48233, CVE-2023-48234, CVE-2023-48235, CVE-2023-48236, CVE-2023-48237, CVE-2023-48706, CVE-2024-22667, CVE-2023-7207, CVE-2023-38709, CVE-2024-24795, CVE-2024-27316, CVE-2023-42465, CVE-2023-45918, CVE-2023-51385, CVE-2024-0727, CVE-2024-2511, CVE-2024-1597, CVE-2024-2004, CVE-2024-2398, CVE-2024-2961, CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-22243, CVE-2024-22259, CVE-2024-23651, CVE-2024-23652, CVE-2024-23653, CVE-2024-23672, CVE-2024-24549, CVE-2024-25062, CVE-2024-25710, CVE-2024-26458, CVE-2024-26461, CVE-2024-28085, CVE-2024-28085, CVE-2024-28182, CVE-2024-30172	Dell Secure Connect Gateway	Version 5.22.00.18	Version 5.24.00.14 or later	https://www.dell.com/support/home/en-us/product-support/product/secure-connect-gateway-ve/drivers

CVEs

Addressed

Product

Affected Versions

Updated Version

Link to Update

CVE-2016-9566, CVE-2019-3698, CVE-2019-14889, CVE-2020-1730, CVE-2021-3634, CVE-2023-2283, CVE-2023-6004, CVE-2023-6918, CVE-2019-25162, CVE-2020-36777, CVE-2020-36784, CVE-2021-46906, CVE-2021-46915, CVE-2021-46921, CVE-2021-46924, CVE-2021-46929, CVE-2021-46932, CVE-2021-46953, CVE-2021-46974, CVE-2021-46991, CVE-2021-46992, CVE-2021-47013, CVE-2021-47054, CVE-2021-47076, CVE-2021-47077, CVE-2021-47078, CVE-2022-20154, CVE-2022-48627, CVE-2023-28746, CVE-2023-35827, CVE-2023-46343, CVE-2023-52340, CVE-2023-52429, CVE-2023-52445, CVE-2023-52449, CVE-2023-52451, CVE-2023-52464, CVE-2023-52475, CVE-2023-52478, CVE-2023-52482, CVE-2023-52502, CVE-2023-52530, CVE-2023-52531, CVE-2023-52532, CVE-2023-52574, CVE-2023-52597, CVE-2023-52605, CVE-2024-0607, CVE-2024-1086, CVE-2024-1151, CVE-2024-23849, CVE-2024-23851, CVE-2024-26585, CVE-2024-26595, CVE-2024-26600, CVE-2024-26622, CVE-2022-1996, CVE-2022-28737, CVE-2023-40546, CVE-2023-40547, CVE-2023-40548, CVE-2023-40549, CVE-2023-40550, CVE-2023-40551, CVE-2022-48624, CVE-2024-32487, CVE-2023-4750, CVE-2023-48231, CVE-2023-48232, CVE-2023-48233, CVE-2023-48234, CVE-2023-48235, CVE-2023-48236, CVE-2023-48237, CVE-2023-48706, CVE-2024-22667, CVE-2023-7207, CVE-2023-38709, CVE-2024-24795, CVE-2024-27316, CVE-2023-42465, CVE-2023-45918, CVE-2023-51385, CVE-2024-0727, CVE-2024-2511, CVE-2024-1597, CVE-2024-2004, CVE-2024-2398, CVE-2024-2961, CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-22243, CVE-2024-22259, CVE-2024-23651, CVE-2024-23652, CVE-2024-23653, CVE-2024-23672, CVE-2024-24549, CVE-2024-25062, CVE-2024-25710, CVE-2024-26458, CVE-2024-26461, CVE-2024-28085, CVE-2024-28085, CVE-2024-28182, CVE-2024-30172

Dell Secure Connect Gateway

Version 5.22.00.18

Version 5.24.00.14 or later

https://www.dell.com/support/home/en-us/product-support/product/secure-connect-gateway-ve/drivers

CVEs Addressed	Product	Affected Versions	Updated Version	Link to Update
CVE-2016-9566, CVE-2019-3698, CVE-2019-14889, CVE-2020-1730, CVE-2021-3634, CVE-2023-2283, CVE-2023-6004, CVE-2023-6918, CVE-2019-25162, CVE-2020-36777, CVE-2020-36784, CVE-2021-46906, CVE-2021-46915, CVE-2021-46921, CVE-2021-46924, CVE-2021-46929, CVE-2021-46932, CVE-2021-46953, CVE-2021-46974, CVE-2021-46991, CVE-2021-46992, CVE-2021-47013, CVE-2021-47054, CVE-2021-47076, CVE-2021-47077, CVE-2021-47078, CVE-2022-20154, CVE-2022-48627, CVE-2023-28746, CVE-2023-35827, CVE-2023-46343, CVE-2023-52340, CVE-2023-52429, CVE-2023-52445, CVE-2023-52449, CVE-2023-52451, CVE-2023-52464, CVE-2023-52475, CVE-2023-52478, CVE-2023-52482, CVE-2023-52502, CVE-2023-52530, CVE-2023-52531, CVE-2023-52532, CVE-2023-52574, CVE-2023-52597, CVE-2023-52605, CVE-2024-0607, CVE-2024-1086, CVE-2024-1151, CVE-2024-23849, CVE-2024-23851, CVE-2024-26585, CVE-2024-26595, CVE-2024-26600, CVE-2024-26622, CVE-2022-1996, CVE-2022-28737, CVE-2023-40546, CVE-2023-40547, CVE-2023-40548, CVE-2023-40549, CVE-2023-40550, CVE-2023-40551, CVE-2022-48624, CVE-2024-32487, CVE-2023-4750, CVE-2023-48231, CVE-2023-48232, CVE-2023-48233, CVE-2023-48234, CVE-2023-48235, CVE-2023-48236, CVE-2023-48237, CVE-2023-48706, CVE-2024-22667, CVE-2023-7207, CVE-2023-38709, CVE-2024-24795, CVE-2024-27316, CVE-2023-42465, CVE-2023-45918, CVE-2023-51385, CVE-2024-0727, CVE-2024-2511, CVE-2024-1597, CVE-2024-2004, CVE-2024-2398, CVE-2024-2961, CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-22243, CVE-2024-22259, CVE-2024-23651, CVE-2024-23652, CVE-2024-23653, CVE-2024-23672, CVE-2024-24549, CVE-2024-25062, CVE-2024-25710, CVE-2024-26458, CVE-2024-26461, CVE-2024-28085, CVE-2024-28085, CVE-2024-28182, CVE-2024-30172	Dell Secure Connect Gateway	Version 5.22.00.18	Version 5.24.00.14 or later	https://www.dell.com/support/home/en-us/product-support/product/secure-connect-gateway-ve/drivers

CVEs

Addressed

Product

Affected Versions

Updated Version

Link to Update

Dell Secure Connect Gateway

Version 5.22.00.18

Version 5.24.00.14 or later

https://www.dell.com/support/home/en-us/product-support/product/secure-connect-gateway-ve/drivers

해결 방법 및 완화 방안

None

개정 내역

Revision	Date	Description
1.0	2024-06-11	Initial Release
2.0	2024-06-12	Updated table links
3.0	2024-06-12	Updated wording for the versions affected
4.0	2024-09-13	Removed CVE-2023-51767

법적 고지 사항

해당 제품

Secure Connect Gateway, Secure Connect Gateway

문서 번호: 000225991

문서 유형: Dell Security Advisory

마지막 수정 시간: 13 9월 2024

디바이스에 지원 서비스가 적용되는지 확인하십시오.

DSA-2024-253: Dell Secure Connect Gateway Security Update for Multiple Third-Party Component Vulnerabilities

요약: Dell Secure Connect Gateway contains remediation for multiple vulnerabilities that could be exploited by malicious users to compromise the affected system.

영향

세부 정보

영향을 받는 제품 및 문제 해결

해결 방법 및 완화 방안

개정 내역

관련 정보

법적 고지 사항

해당 제품

문서 속성

다른 Dell 사용자에게 질문에 대한 답변 찾기

지원 서비스

문서 속성

다른 Dell 사용자에게 질문에 대한 답변 찾기

지원 서비스