DSA-2024-010: Security Update for Dell Data Protection Central for Multiple Third-Party Vulnerabilities

Summary: Dell Data Protection Central remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

Bu makale şunlar için geçerlidir: Bu makale şunlar için geçerli değildir: Bu makale, belirli bir ürüne bağlı değildir. Bu makalede tüm ürün sürümleri tanımlanmamıştır.
Diğer kaynaklara göz atın

Impact

Critical

Details

Third-party Component CVEs More Information
IAM service
 		 CVE-2023-36054, CVE-2023-4039, CVE-2023-38039, CVE-2023-25193, CVE-2018-9234, CVE-2023-40217, CVE-2023-31484, CVE-2023-21930, CVE-2023-34035, CVE-2023-24329, CVE-2023-28322 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
node.js CVE-2022-35255, CVE-2023-32002, CVE-2022-43548, CVE-2023-30589, CVE-2023-23918, CVE-2022-32212 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
Apache Tomcat CVE-2023-28709 https://nvd.nist.gov/vuln/detail/CVE-2023-28709 This hyperlink is taking you to a website outside of Dell Technologies.
get-func-name CVE-2023-43646 https://nvd.nist.gov/vuln/detail/CVE-2023-43646 This hyperlink is taking you to a website outside of Dell Technologies.
google guava CVE-2023-2976 https://nvd.nist.gov/vuln/detail/CVE-2023-2976 This hyperlink is taking you to a website outside of Dell Technologies.
cookiejar CVE-2022-25901 https://nvd.nist.gov/vuln/detail/CVE-2022-25901 This hyperlink is taking you to a website outside of Dell Technologies.
semver CVE-2022-25883 https://nvd.nist.gov/vuln/detail/CVE-2022-25883 This hyperlink is taking you to a website outside of Dell Technologies.
Okio CVE-2023-3635 https://nvd.nist.gov/vuln/detail/CVE-2023-3635 This hyperlink is taking you to a website outside of Dell Technologies.
spring boot CVE-2023-20873, CVE-2023-20883 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
spring security CVE-2023-34034 https://nvd.nist.gov/vuln/detail/CVE-2023-34034) This hyperlink is taking you to a website outside of Dell Technologies.

Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Etkilenen Ürünler ve Düzeltme

Product Software/Firmware Affected Versions Remediated Versions Link
Dell Data Protection Central Data Protection Central OS Update (SUSE SLES 12 SP5) Version 19.10 Version 19.10.0-4 Data Protection Central 19.10.0-4
Product Software/Firmware Affected Versions Remediated Versions Link
Dell Data Protection Central Data Protection Central OS Update (SUSE SLES 12 SP5) Version 19.10 Version 19.10.0-4 Data Protection Central 19.10.0-4
Platform: SUSE Linux Enterprise Server 12 SP5
See the latest ‘Dell Data Protection Central 19.10 Release Notes’ in Dell Data Protection Central 19.10 Release Notes | Dell US

Revision History

RevisionDateDescription
1.02024-01-17Initial Release

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Yasal Uyarı

Etkilenen Ürünler

Data Protection Central
Makale Özellikleri
Article Number: 000221194
Article Type: Dell Security Advisory
Son Değiştirme: 19 Eyl 2025
Sorularınıza diğer Dell kullanıcılarından yanıtlar bulun
Destek Hizmetleri
Aygıtınızın Destek Hizmetleri kapsamında olup olmadığını kontrol edin.