DSA-2022-272: Dell Secure Connect Gateway Security Update for Multiple Third-Party Component Vulnerabilities

詳細文章

影響

詳細資料

受影響的產品與補救措施

修訂歷史記錄

相關資訊

法律免責聲明

受影響的產品

提供意見反應

摘要: Dell Secure Connect Gateway contains remediation for multiple vulnerabilities that may be exploited by malicious users to compromise the affected system.

本文章適用於本文章不適用於本文無關於任何特定產品。本文未識別所有產品版本。

查看其他資源

影響

Critical

詳細資料

Third-Party Component	CVEs	More information
Apache cxf	CVE-2021-22696	https://nvd.nist.gov/vuln/detail/CVE-2021-22696
	CVE-2021-30468	https://nvd.nist.gov/vuln/detail/CVE-2021-30468
	CVE-2021-40690	https://nvd.nist.gov/vuln/detail/CVE-2021-40690
Apache tomcat	CVE-2020-9484	https://nvd.nist.gov/vuln/detail/CVE-2020-9484
	CVE-2022-23181	https://nvd.nist.gov/vuln/detail/CVE-2022-23181
	CVE-2022-29885	https://nvd.nist.gov/vuln/detail/CVE-2022-29885
ESAPI	CVE-2022-23457	https://nvd.nist.gov/vuln/detail/CVE-2022-23457
git-core	CVE-2021-40330	https://www.suse.com/security/cve/CVE-2021-40330
grub2	CVE-2021-3695	https://www.suse.com/security/cve/CVE-2021-3695.html
	CVE-2021-3696	https://www.suse.com/security/cve/CVE-2021-3696.html
	CVE-2021-3697	https://www.suse.com/security/cve/CVE-2021-3697.html
	CVE-2022-28733	https://www.suse.com/security/cve/CVE-2022-28733.html
	CVE-2022-28734	https://www.suse.com/security/cve/CVE-2022-28734.html
	CVE-2022-28736	https://www.suse.com/security/cve/CVE-2022-28736.html
gstreamer	CVE-2021-3522	https://www.suse.com/security/cve/CVE-2021-3522.html
jackson-databind	CVE-2019-14379	https://nvd.nist.gov/vuln/detail/CVE-2019-14379
	CVE-2019-14540	https://nvd.nist.gov/vuln/detail/cve-2019-14540
	CVE-2019-14892	https://nvd.nist.gov/vuln/detail/CVE-2019-14892
	CVE-2019-14893	https://nvd.nist.gov/vuln/detail/CVE-2019-14893
	CVE-2019-16335	https://nvd.nist.gov/vuln/detail/CVE-2019-16335
	CVE-2019-16942	https://nvd.nist.gov/vuln/detail/CVE-2019-16942
	CVE-2019-16943	https://nvd.nist.gov/vuln/detail/CVE-2019-16943
	CVE-2019-17267	https://nvd.nist.gov/vuln/detail/CVE-2019-17267
	CVE-2019-17531	https://nvd.nist.gov/vuln/detail/CVE-2019-17531
	CVE-2020-36518	https://suse.com/security/cve/CVE-2020-36518.html
Java	CVE-2022-21277	https://nvd.nist.gov/vuln/detail/CVE-2022-21540
	CVE-2022-21540	https://nvd.nist.gov/vuln/detail/CVE-2022-21277
	CVE-2022-21541	https://nvd.nist.gov/vuln/detail/CVE-2022-21541
	CVE-2022-34169	https://nvd.nist.gov/vuln/detail/CVE-2022-34169
kernel-default-base	CVE-2020-36557	https://www.suse.com/security/cve/CVE-2020-36557.html
	CVE-2020-36558	https://www.suse.com/security/cve/CVE-2020-36558.html
	CVE-2021-33655	https://www.suse.com/security/cve/CVE-2021-33655.html
	CVE-2021-33656	https://www.suse.com/security/cve/CVE-2021-33656.html
	CVE-2021-45095	https://www.suse.com/security/cve/CVE-2021-45095.html
	CVE-2022-1462	https://www.suse.com/security/cve/CVE-2022-1462.html
	CVE-2022-20166	https://www.suse.com/security/cve/CVE-2022-20166.html
	CVE-2022-36946	https://www.suse.com/security/cve/CVE-2022-36946.html
libp11-kit0	CVE-2020-29362	https://www.suse.com/security/cve/CVE-2020-29362.html
libpcre2	CVE-2022-1587	https://www.suse.com/security/cve/CVE-2022-1587.html
libpq5	CVE-2022-2625	https://www.suse.com/security/cve/CVE-2022-2625.html
libz1	CVE-2022-37434	https://www.suse.com/security/cve/CVE-2022-37434.html
ncurses	CVE-2022-29458	https://www.suse.com/security/cve/CVE-2022-29458.html
ncurses	CVE-2021-39537	https://www.suse.com/security/cve/CVE-2021-39537.html
NSS	CVE-2021-43527	https://www.suse.com/security/cve/CVE-2021-43527.html
OpenSSH	CVE-2015-5600	https://www.suse.com/security/cve/CVE-2015-5600.html
OpenSSH	CVE-2015-6564	https://www.suse.com/security/cve/CVE-2015-6564.html
pgjdbc	CVE-2022-21724	https://nvd.nist.gov/vuln/detail/CVE-2022-21724
rsync	CVE-2022-29154	https://www.suse.com/security/cve/CVE-2022-29154.html
snakeyaml	CVE-2022-25857	https://nvd.nist.gov/vuln/detail/CVE-2022-25857
Apache:commons-text	CVE-2022-42889	https://nvd.nist.gov/vuln/detail/CVE-2022-42889
woodstox-core	CVE-2022-40151	https://nvd.nist.gov/vuln/detail/CVE-2022-40151
Fasterxml:jackson-databind	CVE-2022-42003	https://nvd.nist.gov/vuln/detail/CVE-2022-42003

Third-Party Component	CVEs	More information
Apache cxf	CVE-2021-22696	https://nvd.nist.gov/vuln/detail/CVE-2021-22696
	CVE-2021-30468	https://nvd.nist.gov/vuln/detail/CVE-2021-30468
	CVE-2021-40690	https://nvd.nist.gov/vuln/detail/CVE-2021-40690
Apache tomcat	CVE-2020-9484	https://nvd.nist.gov/vuln/detail/CVE-2020-9484
	CVE-2022-23181	https://nvd.nist.gov/vuln/detail/CVE-2022-23181
	CVE-2022-29885	https://nvd.nist.gov/vuln/detail/CVE-2022-29885
ESAPI	CVE-2022-23457	https://nvd.nist.gov/vuln/detail/CVE-2022-23457
git-core	CVE-2021-40330	https://www.suse.com/security/cve/CVE-2021-40330
grub2	CVE-2021-3695	https://www.suse.com/security/cve/CVE-2021-3695.html
	CVE-2021-3696	https://www.suse.com/security/cve/CVE-2021-3696.html
	CVE-2021-3697	https://www.suse.com/security/cve/CVE-2021-3697.html
	CVE-2022-28733	https://www.suse.com/security/cve/CVE-2022-28733.html
	CVE-2022-28734	https://www.suse.com/security/cve/CVE-2022-28734.html
	CVE-2022-28736	https://www.suse.com/security/cve/CVE-2022-28736.html
gstreamer	CVE-2021-3522	https://www.suse.com/security/cve/CVE-2021-3522.html
jackson-databind	CVE-2019-14379	https://nvd.nist.gov/vuln/detail/CVE-2019-14379
	CVE-2019-14540	https://nvd.nist.gov/vuln/detail/cve-2019-14540
	CVE-2019-14892	https://nvd.nist.gov/vuln/detail/CVE-2019-14892
	CVE-2019-14893	https://nvd.nist.gov/vuln/detail/CVE-2019-14893
	CVE-2019-16335	https://nvd.nist.gov/vuln/detail/CVE-2019-16335
	CVE-2019-16942	https://nvd.nist.gov/vuln/detail/CVE-2019-16942
	CVE-2019-16943	https://nvd.nist.gov/vuln/detail/CVE-2019-16943
	CVE-2019-17267	https://nvd.nist.gov/vuln/detail/CVE-2019-17267
	CVE-2019-17531	https://nvd.nist.gov/vuln/detail/CVE-2019-17531
	CVE-2020-36518	https://suse.com/security/cve/CVE-2020-36518.html
Java	CVE-2022-21277	https://nvd.nist.gov/vuln/detail/CVE-2022-21540
	CVE-2022-21540	https://nvd.nist.gov/vuln/detail/CVE-2022-21277
	CVE-2022-21541	https://nvd.nist.gov/vuln/detail/CVE-2022-21541
	CVE-2022-34169	https://nvd.nist.gov/vuln/detail/CVE-2022-34169
kernel-default-base	CVE-2020-36557	https://www.suse.com/security/cve/CVE-2020-36557.html
	CVE-2020-36558	https://www.suse.com/security/cve/CVE-2020-36558.html
	CVE-2021-33655	https://www.suse.com/security/cve/CVE-2021-33655.html
	CVE-2021-33656	https://www.suse.com/security/cve/CVE-2021-33656.html
	CVE-2021-45095	https://www.suse.com/security/cve/CVE-2021-45095.html
	CVE-2022-1462	https://www.suse.com/security/cve/CVE-2022-1462.html
	CVE-2022-20166	https://www.suse.com/security/cve/CVE-2022-20166.html
	CVE-2022-36946	https://www.suse.com/security/cve/CVE-2022-36946.html
libp11-kit0	CVE-2020-29362	https://www.suse.com/security/cve/CVE-2020-29362.html
libpcre2	CVE-2022-1587	https://www.suse.com/security/cve/CVE-2022-1587.html
libpq5	CVE-2022-2625	https://www.suse.com/security/cve/CVE-2022-2625.html
libz1	CVE-2022-37434	https://www.suse.com/security/cve/CVE-2022-37434.html
ncurses	CVE-2022-29458	https://www.suse.com/security/cve/CVE-2022-29458.html
ncurses	CVE-2021-39537	https://www.suse.com/security/cve/CVE-2021-39537.html
NSS	CVE-2021-43527	https://www.suse.com/security/cve/CVE-2021-43527.html
OpenSSH	CVE-2015-5600	https://www.suse.com/security/cve/CVE-2015-5600.html
OpenSSH	CVE-2015-6564	https://www.suse.com/security/cve/CVE-2015-6564.html
pgjdbc	CVE-2022-21724	https://nvd.nist.gov/vuln/detail/CVE-2022-21724
rsync	CVE-2022-29154	https://www.suse.com/security/cve/CVE-2022-29154.html
snakeyaml	CVE-2022-25857	https://nvd.nist.gov/vuln/detail/CVE-2022-25857
Apache:commons-text	CVE-2022-42889	https://nvd.nist.gov/vuln/detail/CVE-2022-42889
woodstox-core	CVE-2022-40151	https://nvd.nist.gov/vuln/detail/CVE-2022-40151
Fasterxml:jackson-databind	CVE-2022-42003	https://nvd.nist.gov/vuln/detail/CVE-2022-42003

Dell Technologies 建議所有客戶不僅要參考 CVSS 基本分數，也要將可能會影響與特定安全漏洞相關之潛在嚴重性的所有相關暫時和環境分數納入考量。

受影響的產品與補救措施

Product	Affected Versions	Updated Version	Link to Update
Dell Secure Connect Gateway	5.00.00.10 5.00.05.10 5.00.07.10 5.10.00.10 5.12.00.10	5.14.00.10	https://www.dell.com/support/home/en-us/product-support/product/secure-connect-gateway-ve/drivers

Product	Affected Versions	Updated Version	Link to Update
Dell Secure Connect Gateway	5.00.00.10 5.00.05.10 5.00.07.10 5.10.00.10 5.12.00.10	5.14.00.10	https://www.dell.com/support/home/en-us/product-support/product/secure-connect-gateway-ve/drivers

修訂歷史記錄

Revision	Date	Description
1.0	2022-11-10	Initial Release

法律免責聲明

受影響的產品

Secure Connect Gateway, Secure Connect Gateway - Virtual Edition

文章編號: 000204996

文章類型: Dell Security Advisory

上次修改時間: 19 9月 2025

檢查您的裝置是否在支援服務的涵蓋範圍內。

DSA-2022-272: Dell Secure Connect Gateway Security Update for Multiple Third-Party Component Vulnerabilities

摘要: Dell Secure Connect Gateway contains remediation for multiple vulnerabilities that may be exploited by malicious users to compromise the affected system.

影響

詳細資料

受影響的產品與補救措施

修訂歷史記錄

相關資訊

法律免責聲明

受影響的產品

文章屬性

向其他 Dell 使用者尋求您問題的答案

支援服務

文章屬性

向其他 Dell 使用者尋求您問題的答案

支援服務