DSA-2024-106: Security Update for Dell Cloud Tiering Appliance for Multiple Third-Party Vulnerabilities.

Zhrnutie: Dell Cloud Tiering Appliance remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

Tento článok sa vzťahuje na Tento článok sa nevzťahuje na Tento článok nie je viazaný na žiadny konkrétny produkt. V tomto článku nie sú uvedené všetky verzie produktov.
Pozrite si ďalšie zdroje

Dosah

High

Podrobnosti

Third-party
Component		 CVEs More Information
suse-module-tools CVE-2023-1829, CVE-2023-23559 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
xen CVE-2023-46835, CVE-2023-46836, CVE-2023-34323, CVE-2023-34325, CVE-2023-34326, CVE-2023-34327, CVE-2023-34328, CVE-2023-46839 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
java-11-openjdk CVE-2023-22081, CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-20926, CVE-2024-20945, CVE-2024-20952 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
nghttp2 CVE-2023-44487 https://nvd.nist.gov/vuln/detail/CVE-2023-44487 This hyperlink is taking you to a website outside of Dell Technologies.
open-vm-tools CVE-2023-34058, CVE-2023-34059 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
Kernel-default CVE-2023-31083, CVE-2023-39197, CVE-2023-39198, CVE-2023-45863, CVE-2023-45871, CVE-2023-5717, CVE-2023-6176, CVE-2023-2163, CVE-2023-31085, CVE-2023-3111, CVE-2023-34324, CVE-2023-39189, CVE-2023-39192, CVE-2023-39193, CVE-2023-39194, CVE-2023-42754, CVE-2023-45862, CVE-2020-26555, CVE-2023-51779, CVE-2023-6121, CVE-2023-6606, CVE-2023-6610, CVE-2023-6931, CVE-2023-6932 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
postgresql13 CVE-2023-5868, CVE-2023-5869, CVE-2023-5870 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
gcc13 CVE-2023-4039 https://nvd.nist.gov/vuln/detail/CVE-2023-4039 This hyperlink is taking you to a website outside of Dell Technologies.
postgresql CVE-2023-5868, CVE-2023-5869, CVE-2023-5870 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
util-linux CVE-2018-7738 https://nvd.nist.gov/vuln/detail/CVE-2018-7738 This hyperlink is taking you to a website outside of Dell Technologies.
openssl CVE-2023-5678 https://nvd.nist.gov/vuln/detail/CVE-2023-5678 This hyperlink is taking you to a website outside of Dell Technologies.
vim CVE-2023-46246, CVE-2023-5344, CVE-2023-5441, CVE-2023-5535 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
sqlite CVE-2023-2137 https://nvd.nist.gov/vuln/detail/CVE-2023-2137 This hyperlink is taking you to a website outside of Dell Technologies.
kernel-firmware CVE-2023-20592 https://nvd.nist.gov/vuln/detail/CVE-2023-20592 This hyperlink is taking you to a website outside of Dell Technologies.
xerces-c CVE-2023-37536, CVE-2018-1311 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
openssh CVE-2023-48795 https://nvd.nist.gov/vuln/detail/CVE-2023-48795 This hyperlink is taking you to a website outside of Dell Technologies.
gnutls CVE-2023-5981 https://nvd.nist.gov/vuln/detail/CVE-2023-5981 This hyperlink is taking you to a website outside of Dell Technologies.
pam CVE-2024-22365 https://nvd.nist.gov/vuln/detail/CVE-2024-22365 This hyperlink is taking you to a website outside of Dell Technologies.

Dell Technologies odporúča všetkým svojim zákazníkom, aby sa riadili nielen základným skóre CVSS, ale aj prechodným skóre a skóre závažnosti v konkrétnych prostrediach, na základe ktorého môžu vyhodnotiť celkové riziko vo vlastnom prostredí.

Dotknuté produkty a riešenie problému

Product Software/Firmware Affected Versions Remediated Versions Link
Cloud Tiering Appliance CTA and CTA-HA Versions prior to 13.2.0.2.27 Version 13.2.0.2.27 https://www.dell.com/support/home/product-support/product/cloud-tiering-appliance/drivers
Cloud Tiering Appliance CTA/VE and CTA-HA/VE Versions prior to 13.2.0.2.27 Version 13.2.0.2.27 https://www.dell.com/support/home/product-support/product/cloud-tiering-appliance/drivers
Product Software/Firmware Affected Versions Remediated Versions Link
Cloud Tiering Appliance CTA and CTA-HA Versions prior to 13.2.0.2.27 Version 13.2.0.2.27 https://www.dell.com/support/home/product-support/product/cloud-tiering-appliance/drivers
Cloud Tiering Appliance CTA/VE and CTA-HA/VE Versions prior to 13.2.0.2.27 Version 13.2.0.2.27 https://www.dell.com/support/home/product-support/product/cloud-tiering-appliance/drivers

História revízií

RevisionDateDescription
1.02024-03-05Initial Release
2.02024-05-22Updated for enhanced presentation with no other changes to content.

Súvisiace informácie

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Legal Disclaimer

Dotknuté produkty

Cloud Tiering Appliance, Cloud Tiering Appliance Platform, Cloud Tiering Appliance/VE
Vlastnosti článku
Číslo článku: 000222697
Typ článku: Dell Security Advisory
Dátum poslednej úpravy: 19 sep 2025
Nájdite odpovede na svoje otázky od ostatných používateľov spoločnosti Dell
Služby podpory
Skontrolujte, či sa na vaše zariadenie vzťahujú služby podpory.