DSA-2023-416: Security Update for Dell PowerProtect DP Series Appliance (IDPA) Infrastructure for Multiple Vulnerabilities.

Obsah

Podrobný článok

Dosah

Dotknuté produkty a riešenie problému

História revízií

Súvisiace informácie

Legal Disclaimer

Dotknuté produkty

Poskytnutie spätnej väzby

Zhrnutie: Dell PowerProtect DP Series Appliance (IDPA) remediation is available for multiple security vulnerabilities in Infrastructure that could be exploited by malicious users to compromise the affected system. ...

Tento článok sa vzťahuje na Tento článok sa nevzťahuje na Tento článok nie je viazaný na žiadny konkrétny produkt. V tomto článku nie sú uvedené všetky verzie produktov.

Pozrite si ďalšie zdroje

Dosah

Critical

Podrobnosti

Third-party Component	CVEs	More Information
VMWare (Hypervisor and Hypervisor Manager)	CVE-2023-38408, CVE-2021-36368, CVE-2023-20892, CVE-2023-20893, CVE-2023-2089 , CVE-2023-20895, CVE-2023-20896, CVE-2022-22982, CVE-2022-31696, CVE-2022-31699, CVE-2021-21972, CVE-2022-21123, CVE-2022-21125, CVE-2022-21166, CVE-2022-29901, CVE-2022-28693, CVE-2022-23816, CVE-2022-23825, CVE-2022-26373, CVE-2022-31681, CVE-2021-22040, CVE-2021-22041, CVE-2021-22042, CVE-2021-22043, CVE-2021-22050, CVE-2022-22948, CVE-2023-34048, CVE-2023-34056, CVE-2023-20894	See NVD link below for individual scores for each CVE. http://nvd.nist.gov/
Dell iDRAC	CVE-2022-34435	DSA-2022-265
OpenSSL	CVE-2023-0215, CVE-2022-2068, CVE-2022-1292	See NVD link below for individual scores for each CVE. http://nvd.nist.gov/
Oracle Java	CVE-2023-21835, CVE-2023-21830, CVE-2023-21843, CVE-2022-39399, CVE-2022-34169, CVE-2022-21628, CVE-2022-21626, CVE-2022-21618, CVE-2022-21624, CVE-2022-21619, CVE-2022-21541, CVE-2022-21540, CVE-2022-21549, CVE‑2022‑39399, CVE‑2022‑34169, CVE‑2022‑21628, CVE-2022-21626, CVE-2022-21618, CVE-2022-21624, CVE-2022-21619, CVE-2022-21541, CVE-2022-21540, CVE-2022-21549	See NVD link below for individual scores for each CVE. http://nvd.nist.gov/
OpenLDAP	CVE-1999-0385	https://nvd.nist.gov/vuln/detail/CVE-1999-0385
OpenSSH	CVE-2008-5161	https://www.suse.com/security/cve/CVE-2008-5161.html
Apache Tomcat	CVE-2022-45143, CVE-2022-42252, CVE-2022-34305, CVE-2022-29885, CVE-2021-43980, CVE-2021-30640	See NVD link below for individual scores for each CVE. http://nvd.nist.gov/
Grub2	CVE-2022-2601, CVE-2022-3775, CVE-2021-3695, CVE-2021- 3696, CVE-2021-3697, CVE-2021-3981	See NVD link below for individual scores for each CVE. http://nvd.nist.gov/
Apache Log4j	CVE-2021-44228, CVE-2021-45046	Apache Log4j Remote Code Execution
Erlang	CVE-2022-37026	https://nvd.nist.gov/vuln/detail/CVE-2022-37026
SUSE	CVE-2022-0413, CVE-2022-0318, CVE-2021-4019, CVE-2022-2284, CVE-2022-0361, CVE-2022-1679, CVE-2020-0452, CVE-2022-1652, CVE-2022-1619, CVE-2022-0492, CVE-2022-0359, CVE-2017-17095, CVE-2022-24903, CVE-2022-2207, CVE-2022-1927, CVE-2022-2304, CVE-2021-4197, CVE-2022-27239, CVE-2022-1304, CVE-2022-2129, CVE-2022-2264, CVE-2022-29155, CVE-2022-2124, CVE-2022-0261, CVE-2022-1851, CVE-2022-2126, CVE-2022-2183, CVE-2022-1720, CVE-2021-4157, CVE-2022-2344, CVE-2020-35523, CVE-2021-3927, CVE-2022-2175, CVE-2021-4069, CVE-2021-4192, CVE-2022-23219, CVE-2021-4136, CVE-2021-4202, CVE-2022-0407, CVE-2022-1381, CVE-2022-0213, CVE-2021-30560, CVE-2021-3778, CVE-2022-2210, CVE-2022-0435, CVE-2022-2257, CVE-2022-1898, CVE-2022-2206, CVE-2021-43527, CVE-2022-25235, CVE-2022-23218, CVE-2021-20292, CVE-2022-20141, CVE-2022-0128, CVE-2022-0847, CVE-2021-3973, CVE-2021-3796, CVE-2022-2286, CVE-2022-1796, CVE-2022-1968, CVE-2022-1735, CVE-2021-3984, CVE-2021-3968, CVE-2022-1048, CVE-2021-39713, CVE-2021-4083, CVE-2020-35524, CVE-2022-2182, CVE-2021-45078, CVE-2022-2343, CVE-2022-2345, CVE-2022-1897, CVE-2021-0920, CVE-2022-2125, CVE-2022-0392, CVE-2022-25315, CVE-2022-25236, CVE-2022-23852, CVE-2022-24407, CVE-2022-2285, CVE-2019-17546, CVE-2021-3872, CVE-2021-0935, CVE-2021-3974, CVE-2022-1616, CVE-2022-2795, CVE-2022-38177, CVE-2023-38545, CVE-2023-38546	See SUSE link below for individual scores for each CVE. https://www.suse.com/security/cve/
Intel Ethernet 500 Series Controllers Firmware	CVE-2022-36416, CVE-2022-36797	DSA-2023-016

Dell Technologies odporúča všetkým svojim zákazníkom, aby sa riadili nielen základným skóre CVSS, ale aj prechodným skóre a skóre závažnosti v konkrétnych prostrediach, na základe ktorého môžu vyhodnotiť celkové riziko vo vlastnom prostredí.

Dotknuté produkty a riešenie problému

Product	Affected Versions	Remediated Versions	Link
Integrated Data Protection Appliance (PowerProtect DP Series)	2.7.4 and prior	2.7.6	https://www.dell.com/support/home/product-support/product/integrated-data-protection-appliance/drivers

Product	Affected Versions	Remediated Versions	Link
Integrated Data Protection Appliance (PowerProtect DP Series)	2.7.4 and prior	2.7.6	https://www.dell.com/support/home/product-support/product/integrated-data-protection-appliance/drivers

Link to PowerProtect DP Series Installation and Upgrade guide
Dell EMC PowerProtect DP Series Appliance 2.7.6 Installation and Upgrade Guide

NOTE: IDPA versions prior to 2.7.6 use an obsolete Operating System for ACM and DPA components. IDPA 2.7.6 has updated the Operating Systems of ACM and DPA components to a supported version.

História revízií

Revision	Date	Description
1.0	2023-23-21	Initial release
2.0	2024-01-09	Moved Installation & Upgrade guide to Additional Information section.
3.0	2024-01-09	Updated 'More Information' column for Dell iDRAC & Apache Log4j
4.0-5.0	2024-01-09	Added CVE-2023-38545, CVE-2023-38546 to SUSE Component
6.0	2024-01-22	Updated for enhanced presentation with no changes to content.
7.0	2024-03-08	Added CVE-2023-20894 to VMWare (Hypervisor and Hypervisor Manager) Component
8.0	2024-07-12	Added Intel Ethernet 500 Series Controllers Firmware CVEs.

Súvisiace informácie

Legal Disclaimer

Dotknuté produkty

PowerProtect Data Protection Appliance, PowerProtect Data Protection Software, Integrated Data Protection Appliance Family, PowerProtect Data Protection Hardware, Integrated Data Protection Appliance Software

Číslo článku: 000220651

Typ článku: Dell Security Advisory

Dátum poslednej úpravy: 19 sep 2025

Skontrolujte, či sa na vaše zariadenie vzťahujú služby podpory.

DSA-2023-416: Security Update for Dell PowerProtect DP Series Appliance (IDPA) Infrastructure for Multiple Vulnerabilities.

Zhrnutie: Dell PowerProtect DP Series Appliance (IDPA) remediation is available for multiple security vulnerabilities in Infrastructure that could be exploited by malicious users to compromise the affected system. ...

Dosah

Podrobnosti

Dotknuté produkty a riešenie problému

História revízií

Súvisiace informácie

Legal Disclaimer

Dotknuté produkty

Vlastnosti článku

Nájdite odpovede na svoje otázky od ostatných používateľov spoločnosti Dell

Služby podpory

Vlastnosti článku

Nájdite odpovede na svoje otázky od ostatných používateľov spoločnosti Dell

Služby podpory

DSA-2023-416: Security Update for Dell PowerProtect DP Series Appliance (IDPA) Infrastructure for Multiple Vulnerabilities.

Zhrnutie: Dell PowerProtect DP Series Appliance (IDPA) remediation is available for multiple security vulnerabilities in Infrastructure that could be exploited by malicious users to compromise the affected system. ... Zobraziť viac Zobraziť menej

Podrobný článok

Dosah

Podrobnosti

Dotknuté produkty a riešenie problému

História revízií

Súvisiace informácie

Legal Disclaimer

Dotknuté produkty

Dosah

Podrobnosti

Dotknuté produkty a riešenie problému

História revízií

Súvisiace informácie

Legal Disclaimer

Dotknuté produkty

Vlastnosti článku

Nájdite odpovede na svoje otázky od ostatných používateľov spoločnosti Dell

Služby podpory

Vlastnosti článku

Nájdite odpovede na svoje otázky od ostatných používateľov spoločnosti Dell

Služby podpory

Zhrnutie: Dell PowerProtect DP Series Appliance (IDPA) remediation is available for multiple security vulnerabilities in Infrastructure that could be exploited by malicious users to compromise the affected system. ...