DSA-2025-043: Security Update for Dell UCC Edge Security Update for Multiple Vulnerabilities
摘要: Dell UCC Edge remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.
本文适用于
本文不适用于
本文并非针对某种特定的产品。
本文并非包含所有产品版本。
影响
High
详情
| Third-party Component | CVEs | More Information |
| python-certifi | CVE-2024-39689 |
See NVD link below for individual scores for each CVE. |
| JQuery | CVE-2020-11023 |
See NVD link below for individual scores for each CVE. |
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
| CVE-2025-22399 | Dell UCC Edge, version 2.3.0, contains a Blind SSRF on Add Customer SFTP Server vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Server-side request forgery | 7.9 | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:L |
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
| CVE-2025-22399 | Dell UCC Edge, version 2.3.0, contains a Blind SSRF on Add Customer SFTP Server vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Server-side request forgery | 7.9 | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:L |
受影响的产品和补救措施
| Product | Affected Versions | Remediated Versions | Link |
| Dell UCC Edge | Version prior to 3.0.0 | Version 3.0.0 or later | https://www.dell.com/support/home/product-support/product/ucc-edge/drivers |
| Product | Affected Versions | Remediated Versions | Link |
| Dell UCC Edge | Version prior to 3.0.0 | Version 3.0.0 or later | https://www.dell.com/support/home/product-support/product/ucc-edge/drivers |
修订历史记录
| Revision | Date | Description |
| 1.0 | 2025-02-11 | Initial Release |
| 2.0 | 2025-02-11 | Updated table links |
| 3.0 | 2025-02-17 | Updated the affected products |
相关信息
法律免责声明
文章属性
文章编号: 000279299
文章类型: Dell Security Advisory
上次修改时间: 17 2月 2025
从其他戴尔用户那里查找问题的答案
支持服务
检查您的设备是否在支持服务涵盖的范围内。