DSA-2024-253: Dell Secure Connect Gateway Security Update for Multiple Third-Party Component Vulnerabilities
Samenvatting: Dell Secure Connect Gateway contains remediation for multiple vulnerabilities that could be exploited by malicious users to compromise the affected system.
Dit artikel is van toepassing op
Dit artikel is niet van toepassing op
Dit artikel is niet gebonden aan een specifiek product.
Niet alle productversies worden in dit artikel vermeld.
Impact
Critical
Gegevens
| Third-Party Component
|
CVEs |
More information |
|---|---|---|
| Apache |
CVE-2023-38709, CVE-2024-24795, CVE-2024-27316 |
See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/
|
| Apache Tomcat |
CVE-2024-23672, CVE-2024-24549 |
See NVD link below for individual scores for each CVE.
|
| Bouncy Castle |
CVE-2024-30172 |
See NVD link below for individual scores for each CVE.
|
| Cpio |
CVE-2023-7207 |
See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/
|
| Commons Compress |
CVE-2024-25710 |
See NVD link below for individual scores for each CVE.
|
| Containerd |
CVE-2022-1996 |
See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/
|
| Curl |
CVE-2024-2004, CVE-2024-2398 |
See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/
|
| Docker |
CVE-2024-23651, CVE-2024-23652, CVE-2024-23653 |
See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/
|
| Glibc |
CVE-2024-2961 |
See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/
|
| Less |
CVE-2022-48624, CVE-2024-32487 |
See SUSE link below for individual scores for each CVE. https://www.suse.com/security/cve/
|
| libncurses |
CVE-2023-45918 |
See SUSE link below for individual scores for each CVE.
|
| libssh |
CVE-2019-14889, CVE-2020-1730, CVE-2021-3634, CVE-2023-2283, CVE-2023-6004, CVE-2023-6918 |
See SUSE link below for individual scores for each CVE.
|
| libxml2 |
CVE-2024-25062 |
See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/
|
| libblkid1 |
CVE-2024-28085 |
See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/
|
| Kernel |
CVE-2019-25162, CVE-2020-36777, CVE-2020-36784, CVE-2021-46906, CVE-2021-46915, CVE-2021-46921, CVE-2021-46924, CVE-2021-46929, CVE-2021-46932, CVE-2021-46953, CVE-2021-46974, CVE-2021-46991, CVE-2021-46992, CVE-2021-47013, CVE-2021-47054, CVE-2021-47076, CVE-2021-47077, CVE-2021-47078, CVE-2022-20154, CVE-2022-48627, CVE-2023-28746, CVE-2023-35827, CVE-2023-46343, CVE-2023-52340, CVE-2023-52429, CVE-2023-52445, CVE-2023-52449, CVE-2023-52451, CVE-2023-52464, CVE-2023-52475, CVE-2023-52478, CVE-2023-52482, CVE-2023-52502, CVE-2023-52530, CVE-2023-52531, CVE-2023-52532, CVE-2023-52574, CVE-2023-52597, CVE-2023-52605, CVE-2024-0607, CVE-2024-1086, CVE-2024-1151, CVE-2024-23849, CVE-2024-23851, CVE-2024-26585, CVE-2024-26595, CVE-2024-26600, CVE-2024-26622 |
See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/
|
| Krb5 |
CVE-2024-26458, CVE-2024-26461 |
See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/
|
| NGHTTP2 |
CVE-2024-28182 |
See SUSE link below for individual scores for each CVE.
|
| Open JDK |
CVE-2024-20918, CVE-2024-20919, CVE-2024-20921 |
See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/
|
| Open SSL |
CVE-2024-0727, CVE-2024-2511 |
See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/
|
| Open SSH |
CVE-2023-51385 |
See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/
|
| Postgresql |
CVE-2024-1597 |
See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/
|
| Shim |
CVE-2022-28737, CVE-2023-40546, CVE-2023-40547, CVE-2023-40548, CVE-2023-40549, CVE-2023-40550, CVE-2023-40551 |
See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/
|
| Spring Framework |
CVE-2024-22243, CVE-2024-22259 |
See NVD link below for individual scores for each CVE.
|
| Sudo |
CVE-2023-42465 |
See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/
|
| Sysuser-shadow |
CVE-2016-9566, CVE-2019-3698
|
See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/
|
| util-linux |
CVE-2024-28085 |
See SUSE link below for individual scores for each CVE.
|
| Vim |
CVE-2023-4750, CVE-2023-48231, CVE-2023-48232, CVE-2023-48233, CVE-2023-48234, CVE-2023-48235, CVE-2023-48236, CVE-2023-48237, CVE-2023-48706, CVE-2024-22667 |
See SUSE link below for individual scores for each CVE.
https://www.suse.com/security/cve/
|
Getroffen producten en herstel
| CVEs Addressed |
Product |
Affected Versions |
Updated Version |
Link to Update |
|---|---|---|---|---|
| CVE-2016-9566, CVE-2019-3698, CVE-2019-14889, CVE-2020-1730, CVE-2021-3634, CVE-2023-2283, CVE-2023-6004, CVE-2023-6918, CVE-2019-25162, CVE-2020-36777, CVE-2020-36784, CVE-2021-46906, CVE-2021-46915, CVE-2021-46921, CVE-2021-46924, CVE-2021-46929, CVE-2021-46932, CVE-2021-46953, CVE-2021-46974, CVE-2021-46991, CVE-2021-46992, CVE-2021-47013, CVE-2021-47054, CVE-2021-47076, CVE-2021-47077, CVE-2021-47078, CVE-2022-20154, CVE-2022-48627, CVE-2023-28746, CVE-2023-35827, CVE-2023-46343, CVE-2023-52340, CVE-2023-52429, CVE-2023-52445, CVE-2023-52449, CVE-2023-52451, CVE-2023-52464, CVE-2023-52475, CVE-2023-52478, CVE-2023-52482, CVE-2023-52502, CVE-2023-52530, CVE-2023-52531, CVE-2023-52532, CVE-2023-52574, CVE-2023-52597, CVE-2023-52605, CVE-2024-0607, CVE-2024-1086, CVE-2024-1151, CVE-2024-23849, CVE-2024-23851, CVE-2024-26585, CVE-2024-26595, CVE-2024-26600, CVE-2024-26622, CVE-2022-1996, CVE-2022-28737, CVE-2023-40546, CVE-2023-40547, CVE-2023-40548, CVE-2023-40549, CVE-2023-40550, CVE-2023-40551, CVE-2022-48624, CVE-2024-32487, CVE-2023-4750, CVE-2023-48231, CVE-2023-48232, CVE-2023-48233, CVE-2023-48234, CVE-2023-48235, CVE-2023-48236, CVE-2023-48237, CVE-2023-48706, CVE-2024-22667, CVE-2023-7207, CVE-2023-38709, CVE-2024-24795, CVE-2024-27316, CVE-2023-42465, CVE-2023-45918, CVE-2023-51385, CVE-2024-0727, CVE-2024-2511, CVE-2024-1597, CVE-2024-2004, CVE-2024-2398, CVE-2024-2961, CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-22243, CVE-2024-22259, CVE-2024-23651, CVE-2024-23652, CVE-2024-23653, CVE-2024-23672, CVE-2024-24549, CVE-2024-25062, CVE-2024-25710, CVE-2024-26458, CVE-2024-26461, CVE-2024-28085, CVE-2024-28085, CVE-2024-28182, CVE-2024-30172 |
Dell Secure Connect Gateway |
Version 5.22.00.18 |
Version 5.24.00.14 or later |
https://www.dell.com/support/home/en-us/product-support/product/secure-connect-gateway-ve/drivers |
| CVEs Addressed |
Product |
Affected Versions |
Updated Version |
Link to Update |
|---|---|---|---|---|
| CVE-2016-9566, CVE-2019-3698, CVE-2019-14889, CVE-2020-1730, CVE-2021-3634, CVE-2023-2283, CVE-2023-6004, CVE-2023-6918, CVE-2019-25162, CVE-2020-36777, CVE-2020-36784, CVE-2021-46906, CVE-2021-46915, CVE-2021-46921, CVE-2021-46924, CVE-2021-46929, CVE-2021-46932, CVE-2021-46953, CVE-2021-46974, CVE-2021-46991, CVE-2021-46992, CVE-2021-47013, CVE-2021-47054, CVE-2021-47076, CVE-2021-47077, CVE-2021-47078, CVE-2022-20154, CVE-2022-48627, CVE-2023-28746, CVE-2023-35827, CVE-2023-46343, CVE-2023-52340, CVE-2023-52429, CVE-2023-52445, CVE-2023-52449, CVE-2023-52451, CVE-2023-52464, CVE-2023-52475, CVE-2023-52478, CVE-2023-52482, CVE-2023-52502, CVE-2023-52530, CVE-2023-52531, CVE-2023-52532, CVE-2023-52574, CVE-2023-52597, CVE-2023-52605, CVE-2024-0607, CVE-2024-1086, CVE-2024-1151, CVE-2024-23849, CVE-2024-23851, CVE-2024-26585, CVE-2024-26595, CVE-2024-26600, CVE-2024-26622, CVE-2022-1996, CVE-2022-28737, CVE-2023-40546, CVE-2023-40547, CVE-2023-40548, CVE-2023-40549, CVE-2023-40550, CVE-2023-40551, CVE-2022-48624, CVE-2024-32487, CVE-2023-4750, CVE-2023-48231, CVE-2023-48232, CVE-2023-48233, CVE-2023-48234, CVE-2023-48235, CVE-2023-48236, CVE-2023-48237, CVE-2023-48706, CVE-2024-22667, CVE-2023-7207, CVE-2023-38709, CVE-2024-24795, CVE-2024-27316, CVE-2023-42465, CVE-2023-45918, CVE-2023-51385, CVE-2024-0727, CVE-2024-2511, CVE-2024-1597, CVE-2024-2004, CVE-2024-2398, CVE-2024-2961, CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-22243, CVE-2024-22259, CVE-2024-23651, CVE-2024-23652, CVE-2024-23653, CVE-2024-23672, CVE-2024-24549, CVE-2024-25062, CVE-2024-25710, CVE-2024-26458, CVE-2024-26461, CVE-2024-28085, CVE-2024-28085, CVE-2024-28182, CVE-2024-30172 |
Dell Secure Connect Gateway |
Version 5.22.00.18 |
Version 5.24.00.14 or later |
https://www.dell.com/support/home/en-us/product-support/product/secure-connect-gateway-ve/drivers |
Tijdelijke oplossingen en risicobeperking
None
Revisiegeschiedenis
| Revision | Date | Description |
|---|---|---|
| 1.0 | 2024-06-11 | Initial Release |
| 2.0 | 2024-06-12 | Updated table links |
| 3.0 | 2024-06-12 | Updated wording for the versions affected |
| 4.0 | 2024-09-13 | Removed CVE-2023-51767 |
Verwante informatie
Juridische verklaring van afstand
Getroffen producten
Secure Connect Gateway, Secure Connect GatewayArtikeleigenschappen
Artikelnummer: 000225991
Artikeltype: Dell Security Advisory
Laatst aangepast: 13 sep. 2024
Vind antwoorden op uw vragen via andere Dell gebruikers
Support Services
Controleer of uw apparaat wordt gedekt door Support Services.