DSA-2023-413: Dell Secure Connect Gateway Security Update for Multiple Third-Party Component Vulnerabilities
Summary: Dell Secure Connect Gateway remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.
Bu makale şunlar için geçerlidir:
Bu makale şunlar için geçerli değildir:
Bu makale, belirli bir ürüne bağlı değildir.
Bu makalede tüm ürün sürümleri tanımlanmamıştır.
Impact
Critical
Details
| Third-Party Component |
CVEs | More information |
|---|---|---|
| Apache Tomcat | CVE-2021-42340, CVE-2022-29885, CVE-2023-41080, CVE-2023-31122 | See SUSE link below for each CVE https://www.suse.com  |
| Batik-xml | CVE-2022-44729 | See NVD link below for individual scores for each CVE https://nvd.nist.gov |
| Bind | CVE-2023-3341 | See SUSE link below for each CVE https://www.suse.com |
| Curl | CVE-2023-38545, CVE-2023-38546, CVE-2023-38039 | See SUSE link below for each CVE https://www.suse.com |
| Gpg2 | CVE-2018-9234 | See SUSE link below for each CVE https://www.suse.com |
| Kernel | CVE-2022-36402 | See SUSE link below for each CVE https://www.suse.com |
| Libnghttp2 | CVE-2023-35945 | See SUSE link below for each CVE https://www.suse.com |
| Mdadm | CVE-2023-28736 | See SUSE link below for each CVE https://www.suse.com |
| PostgreSQL JDBC driver | CVE-2022-41946 | See NVD link below for individual scores for each CVE https://nvd.nist.gov |
| Python | CVE-2023-40217 | See SUSE link below for each CVE https://www.suse.com |
| Vim | CVE-2023-4733 | See SUSE link below for each CVE https://www.suse.com |
| Vmtools | CVE-2023-20900 | See SUSE link below for each CVE https://www.suse.com |
Etkilenen Ürünler ve Düzeltme
| CVEs Addressed |
Product | Affected Versions | Updated Version | Link to Update |
|---|---|---|---|---|
| CVE-2018-9234, CVE-2022-36402, CVE-2022-41946, CVE-2021-42340, CVE-2022-29885, CVE-2022-44729, CVE-2023-41080, CVE-2023-3341, CVE-2023-38545, CVE-2023-38546, CVE-2023-38039, CVE-2023-35945, CVE-2023-28736, CVE-2023-40217, CVE-2023-4733, CVE-2023-20900, CVE-2023-31122 | Dell Secure Connect Gateway | Version 5.18.00.20 | Version 5.20.00.10 | https://www.dell.com/support/home/en-us/product-support/product/secure-connect-gateway-ve/drivers |
| CVEs Addressed |
Product | Affected Versions | Updated Version | Link to Update |
|---|---|---|---|---|
| CVE-2018-9234, CVE-2022-36402, CVE-2022-41946, CVE-2021-42340, CVE-2022-29885, CVE-2022-44729, CVE-2023-41080, CVE-2023-3341, CVE-2023-38545, CVE-2023-38546, CVE-2023-38039, CVE-2023-35945, CVE-2023-28736, CVE-2023-40217, CVE-2023-4733, CVE-2023-20900, CVE-2023-31122 | Dell Secure Connect Gateway | Version 5.18.00.20 | Version 5.20.00.10 | https://www.dell.com/support/home/en-us/product-support/product/secure-connect-gateway-ve/drivers |
Geçici Çözümler ve Risk Azaltma
None
Revision History
| Revision | Date | Description |
|---|---|---|
| 1.0 | 2023-11-08 | Initial Release |
| 2.0 | 2023-11-08 | Added CVE-2023-31122 to Third Party Component Table under Apache Tomcat, Added to Affected Products and Remediation Table |
Related Information
Yasal Uyarı
Etkilenen Ürünler
Secure Connect Gateway, Secure Connect GatewayMakale Özellikleri
Article Number: 000219309
Article Type: Dell Security Advisory
Son Değiştirme: 08 Kas 2023
Sorularınıza diğer Dell kullanıcılarından yanıtlar bulun
Destek Hizmetleri
Aygıtınızın Destek Hizmetleri kapsamında olup olmadığını kontrol edin.