Ga naar hoofdinhoud
  • Snel en eenvoudig bestellen
  • Bestellingen en de verzendstatus bekijken
  • Een lijst met producten maken en openen

DSA-2023-169: Dell RecoverPoint Classic Security Update for Multiple Component Vulnerabilities.

Samenvatting: Dell RecoverPoint remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

Dit artikel is van toepassing op   Dit artikel is niet van toepassing op 

Impact

Critical

Gegevens

Third-party Component  CVEs More Information
Intel Processors CVE-2022-21166, CVE-2021-0154, CVE-2021-0153, CVE-2021-33123, CVE-2021-0190, CVE-2021-33124, CVE-2021-0155 INTEL-TA-00615This hyperlink is taking you to a website outside of Dell Technologies.INTEL-TA-00601This hyperlink is taking you to a website outside of Dell Technologies.
OpenSSL CVE-2022-0778
https://www.openssl.org/news/secadv/20220315.txtThis hyperlink is taking you to a website outside of Dell Technologies.
Apache Log4j CVE-2021-44228, CVE-2021-45046, CVE-2021-45105 Apache Log4j Remote Code ExecutionThis hyperlink is taking you to a website outside of Dell Technologies., Apache Log4j Remote Code ExecutionThis hyperlink is taking you to a website outside of Dell Technologies., Denial of Service attackThis hyperlink is taking you to a website outside of Dell Technologies.
Oracle Update CVE-2018-25032, CVE-2019-10086, CVE-2020-10683, CVE-2020-11022, CVE-2020-36518, CVE-2021-3426, CVE-2021-36090, CVE-2021-3918, CVE-2021-4104, CVE-2021-43859, CVE-2021-44790, CVE-2021-44832, CVE-2022-1292, CVE-2022-2068, CVE-2022-21636, CVE-2022-22971, CVE-2022-22978, CVE-2022-23181, CVE-2022-23218, CVE-2022-23219, CVE-2022-23305, CVE-2022-23437, CVE-2022-23943, CVE-2022-25315, CVE-2022-29824, CVE-2022-29885, CVE-2022-31813, CVE-2022-34305, CVE-2022-35737 https://www.oracle.com/security-alerts/cpuoct2022.htmlThis hyperlink is taking you to a website outside of Dell Technologies.

Dell Technologies raadt aan dat alle klanten rekening houden met zowel de basisscore van CVSS als alle relevante tijdelijke en omgevingsscores die gevolgen kunnen hebben voor de mogelijke ernst van de specifieke beveiligingsproblemen.

Getroffen producten en herstel

Product  Affected Versions Remediated Versions Link
Dell RecoverPoint Classic
 
Version 5.1 SP4, 5.1 SP4 P1, 5.1 SP4 P2, and 5.1 SP4 P3 Version 5.1 SP4 P4 https://www.dell.com/support/home/product-support/product/recoverpoint-cl/drivers
Product  Affected Versions Remediated Versions Link
Dell RecoverPoint Classic
 
Version 5.1 SP4, 5.1 SP4 P1, 5.1 SP4 P2, and 5.1 SP4 P3 Version 5.1 SP4 P4 https://www.dell.com/support/home/product-support/product/recoverpoint-cl/drivers
RecoverPoint Classic 5.1 SP4 P4 Release has a permanent code fix for Apache Log4j vulnerability CVE’s: CVE-2021-44228, CVE-2021-45046, CVE-2021-45105

Dell recommends the RecoverPoint customers to upgrade to RecoverPoint Classic 5.1 SP4 P4

Revisiegeschiedenis

Revision Date Description 
1.02023-05-12Initial Release
2.0 2023-05-15Made some minor changes in the Additional Info Section as well as some formatting change.
3.02023-09-01Updated for enhanced presentation with no changes to content.

Verwante informatie

Getroffen producten

Product Security Information, RecoverPoint CL, RecoverPoint SE