DSA-2023-198: Dell ECS Security Update for Multiple Vulnerabilities.

Samenvatting: Dell ECS 3.7.0.6 remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

Dit artikel is van toepassing op Dit artikel is niet van toepassing op Dit artikel is niet gebonden aan een specifiek product. Niet alle productversies worden in dit artikel vermeld.
Bekijk andere hulpbronnen

Impact

Medium

Gegevens

Third Party Component CVE ID Details
apache2 CVE-2006-20001 https://suse.com/security/cve/CVE-2006-20001 This hyperlink is taking you to a website outside of Dell Technologies.
apache2 CVE-2022-36760 https://suse.com/security/cve/CVE-2022-36760 This hyperlink is taking you to a website outside of Dell Technologies.
apache2 CVE-2022-37436 https://suse.com/security/cve/CVE-2022-37436 This hyperlink is taking you to a website outside of Dell Technologies.
git CVE-2023-22490 https://suse.com/security/cve/CVE-2023-22490 This hyperlink is taking you to a website outside of Dell Technologies.
git CVE-2023-23946 https://suse.com/security/cve/CVE-2023-23946 This hyperlink is taking you to a website outside of Dell Technologies.
glib2 CVE-2021-28153 https://suse.com/security/cve/CVE-2021-28153 This hyperlink is taking you to a website outside of Dell Technologies.
glibc CVE-2015-8985 https://suse.com/security/cve/CVE-2015-8985 This hyperlink is taking you to a website outside of Dell Technologies.
libapr-util1 CVE-2022-25147 https://suse.com/security/cve/CVE-2022-25147 This hyperlink is taking you to a website outside of Dell Technologies.
libksba CVE-2022-47629 https://suse.com/security/cve/CVE-2022-47629 This hyperlink is taking you to a website outside of Dell Technologies.
libxslt CVE-2021-30560 https://suse.com/security/cve/CVE-2021-30560 This hyperlink is taking you to a website outside of Dell Technologies.
multipath-tools CVE-2022-41974 https://suse.com/security/cve/CVE-2022-41974 This hyperlink is taking you to a website outside of Dell Technologies.
openssl-1_0_0 CVE-2022-4304 https://suse.com/security/cve/CVE-2022-4304 This hyperlink is taking you to a website outside of Dell Technologies.
openssl-1_0_0 CVE-2023-0215 https://suse.com/security/cve/CVE-2023-0215 This hyperlink is taking you to a website outside of Dell Technologies.
openssl-1_0_0 CVE-2023-0286 https://suse.com/security/cve/CVE-2023-0286 This hyperlink is taking you to a website outside of Dell Technologies.
python3 CVE-2020-10735 https://suse.com/security/cve/CVE-2020-10735 This hyperlink is taking you to a website outside of Dell Technologies.
python3 CVE-2022-40899 https://suse.com/security/cve/CVE-2022-40899 This hyperlink is taking you to a website outside of Dell Technologies.
python3 CVE-2022-45061 https://suse.com/security/cve/CVE-2022-45061 This hyperlink is taking you to a website outside of Dell Technologies.
python-py CVE-2022-42969 https://suse.com/security/cve/CVE-2022-42969 This hyperlink is taking you to a website outside of Dell Technologies.
sudo CVE-2022-43995 https://suse.com/security/cve/CVE-2022-43995 This hyperlink is taking you to a website outside of Dell Technologies.
sudo CVE-2023-22809 https://suse.com/security/cve/CVE-2023-22809 This hyperlink is taking you to a website outside of Dell Technologies.
Third Party Component CVE ID Details
apache2 CVE-2006-20001 https://suse.com/security/cve/CVE-2006-20001 This hyperlink is taking you to a website outside of Dell Technologies.
apache2 CVE-2022-36760 https://suse.com/security/cve/CVE-2022-36760 This hyperlink is taking you to a website outside of Dell Technologies.
apache2 CVE-2022-37436 https://suse.com/security/cve/CVE-2022-37436 This hyperlink is taking you to a website outside of Dell Technologies.
git CVE-2023-22490 https://suse.com/security/cve/CVE-2023-22490 This hyperlink is taking you to a website outside of Dell Technologies.
git CVE-2023-23946 https://suse.com/security/cve/CVE-2023-23946 This hyperlink is taking you to a website outside of Dell Technologies.
glib2 CVE-2021-28153 https://suse.com/security/cve/CVE-2021-28153 This hyperlink is taking you to a website outside of Dell Technologies.
glibc CVE-2015-8985 https://suse.com/security/cve/CVE-2015-8985 This hyperlink is taking you to a website outside of Dell Technologies.
libapr-util1 CVE-2022-25147 https://suse.com/security/cve/CVE-2022-25147 This hyperlink is taking you to a website outside of Dell Technologies.
libksba CVE-2022-47629 https://suse.com/security/cve/CVE-2022-47629 This hyperlink is taking you to a website outside of Dell Technologies.
libxslt CVE-2021-30560 https://suse.com/security/cve/CVE-2021-30560 This hyperlink is taking you to a website outside of Dell Technologies.
multipath-tools CVE-2022-41974 https://suse.com/security/cve/CVE-2022-41974 This hyperlink is taking you to a website outside of Dell Technologies.
openssl-1_0_0 CVE-2022-4304 https://suse.com/security/cve/CVE-2022-4304 This hyperlink is taking you to a website outside of Dell Technologies.
openssl-1_0_0 CVE-2023-0215 https://suse.com/security/cve/CVE-2023-0215 This hyperlink is taking you to a website outside of Dell Technologies.
openssl-1_0_0 CVE-2023-0286 https://suse.com/security/cve/CVE-2023-0286 This hyperlink is taking you to a website outside of Dell Technologies.
python3 CVE-2020-10735 https://suse.com/security/cve/CVE-2020-10735 This hyperlink is taking you to a website outside of Dell Technologies.
python3 CVE-2022-40899 https://suse.com/security/cve/CVE-2022-40899 This hyperlink is taking you to a website outside of Dell Technologies.
python3 CVE-2022-45061 https://suse.com/security/cve/CVE-2022-45061 This hyperlink is taking you to a website outside of Dell Technologies.
python-py CVE-2022-42969 https://suse.com/security/cve/CVE-2022-42969 This hyperlink is taking you to a website outside of Dell Technologies.
sudo CVE-2022-43995 https://suse.com/security/cve/CVE-2022-43995 This hyperlink is taking you to a website outside of Dell Technologies.
sudo CVE-2023-22809 https://suse.com/security/cve/CVE-2023-22809 This hyperlink is taking you to a website outside of Dell Technologies.
Dell Technologies raadt aan dat alle klanten rekening houden met zowel de basisscore van CVSS als alle relevante tijdelijke en omgevingsscores die gevolgen kunnen hebben voor de mogelijke ernst van de specifieke beveiligingsproblemen.

Getroffen producten en herstel

Product Affected Version(s) Updated Version(s) Link to Update
Dell ECS Version<= 3.7.0.5 ECS 3.7.0.6 Dell recommends all customers have their ECS systems upgraded at the earliest opportunity by opening a “Operating Environment Upgrade” Service Request.
Product Affected Version(s) Updated Version(s) Link to Update
Dell ECS Version<= 3.7.0.5 ECS 3.7.0.6 Dell recommends all customers have their ECS systems upgraded at the earliest opportunity by opening a “Operating Environment Upgrade” Service Request.
Note: Some CVEs fixed in ECS 3.7.0.6 are planned to be addressed in a future release of ECS 3.8.0.x. For the latest list of CVEs fixed in ECS 3.8.0.2, please see DSA-2023-109

Revisiegeschiedenis

RevisionDateDescription
1.02023-05-31Initial Release

Verwante informatie

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Juridische verklaring van afstand

Getroffen producten

ECS, ECS Appliance Hardware Gen3 EX5000, ECS Appliance, ECS Appliance Hardware Gen3 EXF900, ECS Appliance Software with Encryption, ECS Appliance Software without Encryption, ECS Software, Product Security Information
Artikeleigenschappen
Artikelnummer: 000214424
Artikeltype: Dell Security Advisory
Laatst aangepast: 31 mei 2023
Vind antwoorden op uw vragen via andere Dell gebruikers
Support Services
Controleer of uw apparaat wordt gedekt door Support Services.