DSA-2023-164: Dell Secure Connect Gateway Security Update for Multiple Vulnerabilities

Resumo: Dell Secure Connect Gateway contains remediation for multiple vulnerabilities that could be exploited by malicious users to compromise the affected system.

Este artigo aplica-se a Este artigo não se aplica a Este artigo não está vinculado a nenhum produto específico. Nem todas as versões do produto estão identificadas neste artigo.
Confira outros recursos

Impacto

Critical

Dados

Third-party Component CVEs More information
Apache CVE-2021-37533, CVE-2022-40146, CVE-2023-25690, CVE-2023-27522, CVE-2022-42252, CVE-2023-24998, CVE-2023-28708 https://nvd.nist.gov/vuln/detail/CVE-2021-37533This hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2022-40146.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2023-25690.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2023-27522.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2022-42252.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2023-24998.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://nvd.nist.gov/vuln/detail/CVE-2023-28708This hyperlink is taking you to a website outside of Dell Technologies.
WoodStox CVE-2022-40152 https://www.suse.com/security/cve/CVE-2022-40152.htmlThis hyperlink is taking you to a website outside of Dell Technologies.
Json CVE-2023-1370, CVE-2022-45688 https://nvd.nist.gov/vuln/detail/CVE-2023-1370This hyperlink is taking you to a website outside of Dell Technologies., https://nvd.nist.gov/vuln/detail/CVE-2022-45688This hyperlink is taking you to a website outside of Dell Technologies.
Curl CVE-2023-27533, CVE-2023-27534, CVE-2023-27535, CVE-2023-27536, CVE-2023-27538 https://www.suse.com/security/cve/CVE-2023-27533.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2023-27534.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2023-27535.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2023-27536.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2023-27538.htmlThis hyperlink is taking you to a website outside of Dell Technologies.
Java CVE-2022-21619, CVE-2022-21624, CVE-2022-21626, CVE-2022-21628 https://www.suse.com/security/cve/CVE-2022-21619.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2022-21624.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2022-21626.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2022-21628.htmlThis hyperlink is taking you to a website outside of Dell Technologies.
Jettison CVE-2022-40149, CVE-2022-40150, CVE-2022-45685, CVE-2022-45693, CVE-2023-1436 https://www.suse.com/security/cve/CVE-2022-40149.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2022-40150.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2022-45685.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2022-45693.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2023-1436.htmlThis hyperlink is taking you to a website outside of Dell Technologies.
Kernel CVE-2017-5754, CVE-2021-4203, CVE-2022-2991, CVE-2022-4129, CVE-2022-4662, CVE-2022-36280, CVE-2022-38096, CVE-2022-47929, CVE-2023-0045, CVE-2023-0266, CVE-2023-0590, CVE-2023-0597, CVE-2023-1118, CVE-2023-23559, CVE-2023-26545 https://www.suse.com/security/cve/CVE-2017-5754.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2021-4203.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2022-2991.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2022-4129.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2022-4662.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2022-36280.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2022-38096.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2022-47929.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2023-0045.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2023-0266.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2023-0590.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2023-0597.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2023-1118.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2023-23559.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2023-26545.htmlThis hyperlink is taking you to a website outside of Dell Technologies.
libbind9-161 CVE-2022-2795, CVE-2022-38177, CVE-2022-38178 https://www.suse.com/security/cve/CVE-2022-2795.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2022-38177.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2022-38178.htmlThis hyperlink is taking you to a website outside of Dell Technologies.
Openssl CVE-2022-4450, CVE-2023-0215, CVE-2023-0464, CVE-2023-0465, CVE-2023-0466 https://www.suse.com/security/cve/CVE-2022-4450.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2023-0215.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2023-0464.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2023-0465.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2023-0466.htmlThis hyperlink is taking you to a website outside of Dell Technologies.
Python CVE-2022-45061, CVE-2023-24329 https://www.suse.com/security/cve/CVE-2022-45061.htmlThis hyperlink is taking you to a website outside of Dell Technologies., https://www.suse.com/security/cve/CVE-2023-24329.htmlThis hyperlink is taking you to a website outside of Dell Technologies.
Springframework CVE-2022-22950, CVE-2022-22970, CVE-2022-22971, CVE-2023-20861, CVE-2023-20863, CVE-2023-20873 https://nvd.nist.gov/vuln/detail/CVE-2022-22950This hyperlink is taking you to a website outside of Dell Technologies., https://nvd.nist.gov/vuln/detail/CVE-2022-22970This hyperlink is taking you to a website outside of Dell Technologies., https://nvd.nist.gov/vuln/detail/CVE-2022-22971This hyperlink is taking you to a website outside of Dell Technologies., https://nvd.nist.gov/vuln/detail/CVE-2023-20861This hyperlink is taking you to a website outside of Dell Technologies., https://nvd.nist.gov/vuln/detail/CVE-2023-20863This hyperlink is taking you to a website outside of Dell Technologies., https://nvd.nist.gov/vuln/detail/CVE-2023-20873This hyperlink is taking you to a website outside of Dell Technologies.
TAR CVE-2022-48303 https://www.suse.com/security/cve/CVE-2022-48303.htmlThis hyperlink is taking you to a website outside of Dell Technologies.
libapr-util1 CVE-2022-25147 https://www.suse.com/security/cve/CVE-2022-25147.htmlThis hyperlink is taking you to a website outside of Dell Technologies.
libpcre2-8-0 CVE-2022-1587 https://www.suse.com/security/cve/CVE-2022-1587.htmlThis hyperlink is taking you to a website outside of Dell Technologies.
libX11 CVE-2022-3555 https://www.suse.com/security/cve/CVE-2022-3555.htmlThis hyperlink is taking you to a website outside of Dell Technologies.
libxslt1 CVE-2021-30560 https://www.suse.com/security/cve/CVE-2021-30560.htmlThis hyperlink is taking you to a website outside of Dell Technologies.
TCL suse-su-20223653-1 https://www.suse.com/pt-br/support/update/announcement/2022/suse-su-20223653-1/This hyperlink is taking you to a website outside of Dell Technologies.

Proprietary Code CVE Description CVSS Base Score CVSS Vector String
CVE-2023-28043 Dell SCG 5.14 contains an information disclosure vulnerability during the SRS to SCG upgrade path. A remote low privileged malicious user could potentially exploit this vulnerability to retrieve the plain text. 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N  This hyperlink is taking you to a website outside of Dell Technologies.
Proprietary Code CVE Description CVSS Base Score CVSS Vector String
CVE-2023-28043 Dell SCG 5.14 contains an information disclosure vulnerability during the SRS to SCG upgrade path. A remote low privileged malicious user could potentially exploit this vulnerability to retrieve the plain text. 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N  This hyperlink is taking you to a website outside of Dell Technologies.
A Dell Technologies recomenda que todos os clientes levem em consideração a pontuação base CVSS e as pontuações temporais e ambientais pertinentes que possam afetar a gravidade potencial associada a uma vulnerabilidade de segurança específica.

Produtos afetados e soluções

Product Affected Versions Remediated Versions Link
Dell Secure Connect Gateway Version 5.14.00.16 Version 5.16 https://www.dell.com/support/home/product-support/product/secure-connect-gateway-ve/drivers
 
Product Affected Versions Remediated Versions Link
Dell Secure Connect Gateway Version 5.14.00.16 Version 5.16 https://www.dell.com/support/home/product-support/product/secure-connect-gateway-ve/drivers
 

Histórico de revisão

RevisionDateDescription
1.02023-05-31Initial Release
2.02023-06-19Updated Proprietary code CVE score and CVSS Vector String
3.02023-09-01Updated for enhanced presentation with no changes to content. Added external link icons.

Informações relacionadas

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Aviso de isenção legal

Produtos afetados

Secure Connect Gateway, Secure Connect Gateway - Virtual Edition
Propriedades do artigo
Número do artigo: 000214205
Tipo de artigo: Dell Security Advisory
Último modificado: 19 set. 2025
Encontre as respostas de outros usuários da Dell para suas perguntas.
Serviços de suporte
Verifique se o dispositivo está coberto pelos serviços de suporte.