Ga naar hoofdinhoud
Uitloggen

Welkom bij Dell

Mijn account
  • Snel en eenvoudig bestellen
  • Bestellingen en de verzendstatus bekijken
  • Een lijst met producten maken en openen
  • Beheer uw Dell EMC locaties, producten en contactpersonen op productniveau met Company Administration.
Inloggen Een account maken Inloggen bij Premier Aanmelden voor partnerprogramma
Contact

Uw Dell.com-winkelwagentjes

Artikelnummer: 000220651

DSA-2023-416: Security Update for Dell PowerProtect DP Series Appliance (IDPA) Infrastructure for Multiple Vulnerabilities.

Samenvatting: Dell PowerProtect DP Series Appliance (IDPA) remediation is available for multiple security vulnerabilities in Infrastructure that could be exploited by malicious users to compromise the affected system. ...

Article content

Impact

Critical

Gegevens

Third-party Component

CVEs

More Information

VMWare (Hypervisor and Hypervisor Manager) 

CVE-2023-38408, CVE-2021-36368, CVE-2023-20892, CVE-2023-20893, CVE-2023-2089 , CVE-2023-20895, CVE-2023-20896, CVE-2022-22982, CVE-2022-31696, CVE-2022-31699, CVE-2021-21972, CVE-2022-21123, CVE-2022-21125, CVE-2022-21166, CVE-2022-29901, CVE-2022-28693, CVE-2022-23816, CVE-2022-23825, CVE-2022-26373, CVE-2022-31681, CVE-2021-22040, CVE-2021-22041, CVE-2021-22042, CVE-2021-22043, CVE-2021-22050, CVE-2022-22948, CVE-2023-34048, CVE-2023-34056, CVE-2023-20894 

See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

 

Dell iDRAC 

CVE-2022-34435 

DSA-2022-265

OpenSSL

CVE-2023-0215, CVE-2022-2068, CVE-2022-1292 

See NVD link below for individual scores for each CVE.  
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

Oracle Java 

CVE-2023-21835, CVE-2023-21830, CVE-2023-21843, CVE-2022-39399, CVE-2022-34169, CVE-2022-21628, CVE-2022-21626, CVE-2022-21618, CVE-2022-21624, CVE-2022-21619, CVE-2022-21541, CVE-2022-21540, CVE-2022-21549, CVE‑2022‑39399, CVE‑2022‑34169, CVE‑2022‑21628, CVE-2022-21626, CVE-2022-21618, CVE-2022-21624, CVE-2022-21619, CVE-2022-21541, CVE-2022-21540, CVE-2022-21549

See NVD link below for individual scores for each CVE.  
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

 

OpenLDAP

CVE-1999-0385 

https://nvd.nist.gov/vuln/detail/CVE-1999-0385 This hyperlink is taking you to a website outside of Dell Technologies.

OpenSSH

CVE-2008-5161 

https://www.suse.com/security/cve/CVE-2008-5161.htmlThis hyperlink is taking you to a website outside of Dell Technologies.

Apache Tomcat 

CVE-2022-45143, CVE-2022-42252, CVE-2022-34305, CVE-2022-29885, CVE-2021-43980, CVE-2021-30640 

See NVD link below for individual scores for each CVE.  
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

 

Grub2 

CVE-2022-2601, CVE-2022-3775, CVE-2021-3695, CVE-2021- 3696, CVE-2021-3697, CVE-2021-3981 

See NVD link below for individual scores for each CVE.  
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

Apache Log4j 

CVE-2021-44228, CVE-2021-45046 

Apache Log4j Remote Code ExecutionThis hyperlink is taking you to a website outside of Dell Technologies.

Erlang 

CVE-2022-37026 

https://nvd.nist.gov/vuln/detail/CVE-2022-37026This hyperlink is taking you to a website outside of Dell Technologies.

SUSE 

CVE-2022-0413, CVE-2022-0318, CVE-2021-4019, CVE-2022-2284, CVE-2022-0361, CVE-2022-1679, CVE-2020-0452, CVE-2022-1652, CVE-2022-1619, CVE-2022-0492, CVE-2022-0359, CVE-2017-17095, CVE-2022-24903, CVE-2022-2207, CVE-2022-1927, CVE-2022-2304, CVE-2021-4197, CVE-2022-27239, CVE-2022-1304, CVE-2022-2129, CVE-2022-2264, CVE-2022-29155, CVE-2022-2124, CVE-2022-0261, CVE-2022-1851, CVE-2022-2126, CVE-2022-2183, CVE-2022-1720, CVE-2021-4157, CVE-2022-2344, CVE-2020-35523, CVE-2021-3927, CVE-2022-2175, CVE-2021-4069, CVE-2021-4192, CVE-2022-23219, CVE-2021-4136, CVE-2021-4202, CVE-2022-0407, CVE-2022-1381, CVE-2022-0213, CVE-2021-30560, CVE-2021-3778, CVE-2022-2210, CVE-2022-0435, CVE-2022-2257, CVE-2022-1898, CVE-2022-2206, CVE-2021-43527, CVE-2022-25235, CVE-2022-23218, CVE-2021-20292, CVE-2022-20141, CVE-2022-0128, CVE-2022-0847, CVE-2021-3973, CVE-2021-3796, CVE-2022-2286, CVE-2022-1796, CVE-2022-1968, CVE-2022-1735, CVE-2021-3984, CVE-2021-3968, CVE-2022-1048, CVE-2021-39713, CVE-2021-4083, CVE-2020-35524, CVE-2022-2182, CVE-2021-45078, CVE-2022-2343, CVE-2022-2345, CVE-2022-1897, CVE-2021-0920, CVE-2022-2125, CVE-2022-0392, CVE-2022-25315, CVE-2022-25236, CVE-2022-23852, CVE-2022-24407, CVE-2022-2285, CVE-2019-17546, CVE-2021-3872, CVE-2021-0935, CVE-2021-3974, CVE-2022-1616, CVE-2022-2795, CVE-2022-38177, CVE-2023-38545, CVE-2023-38546

See SUSE link below for individual scores for each CVE. 
https://www.suse.com/security/cve/This hyperlink is taking you to a website outside of Dell Technologies.

Dell Technologies raadt aan dat alle klanten rekening houden met zowel de basisscore van CVSS als alle relevante tijdelijke en omgevingsscores die gevolgen kunnen hebben voor de mogelijke ernst van de specifieke beveiligingsproblemen.

Getroffen producten en herstel

Product

Affected Versions

Remediated Versions 

Link 

Integrated Data Protection Appliance (PowerProtect DP Series)

2.7.4 and prior 

2.7.6 

https://www.dell.com/support/home/product-support/product/integrated-data-protection-appliance/drivers

Product

Affected Versions

Remediated Versions 

Link 

Integrated Data Protection Appliance (PowerProtect DP Series)

2.7.4 and prior 

2.7.6 

https://www.dell.com/support/home/product-support/product/integrated-data-protection-appliance/drivers
Link to PowerProtect DP Series Installation and Upgrade guide 
Dell EMC PowerProtect DP Series Appliance 2.7.6 Installation and Upgrade Guide 
 
NOTE: IDPA versions prior to 2.7.6 use an obsolete Operating System for ACM and DPA components. IDPA 2.7.6 has updated the Operating Systems of ACM and DPA components to a supported version.

Revisiegeschiedenis

RevisionDateDescription
1.02023-23-21Initial release
2.02024-01-09Moved Installation & Upgrade guide to Additional Information section.
3.02024-01-09Updated 'More Information' column for Dell iDRAC & Apache Log4j
4.0-5.02024-01-09Added CVE-2023-38545, CVE-2023-38546 to SUSE Component
6.02024-01-22Updated for enhanced presentation with no changes to content.
7.02024-03-08Added CVE-2023-20894 to VMWare (Hypervisor and Hypervisor Manager) Component

Verwante informatie

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Juridische informatie

Artikeleigenschappen

Getroffen product

PowerProtect Data Protection Appliance, PowerProtect Data Protection Software, Integrated Data Protection Appliance Family, PowerProtect Data Protection Hardware, Integrated Data Protection Appliance Software

Datum laatst gepubliceerd

08 mrt. 2024

Versie

7

Artikeltype

Dell Security Advisory

Terug naar boven