DSA-2022-107: Dell Data Protection Advisor Security Update for Stored Cross Site Scripting Vulnerability
摘要: Dell Data Protection Advisor (DPA) remediation is available for the Stored Cross Site Scripting Vulnerability that may be exploited by malicious users to compromise affected systems.
本文章適用於
本文章不適用於
本文無關於任何特定產品。
本文未識別所有產品版本。
影響
Medium
詳細資料
| Proprietary Code CVE | Description | CVSS Base Score | CVSS Vector String |
| CVE-2022-33935 | Dell Data Protection Advisor versions 19.6 and earlier contains a Stored Cross Site Scripting vulnerability. An attacker may potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a trusted application data store. When a victim user accesses the data store through their browsers, the web browser runs the malicious code in the context of the vulnerable web application. Exploitation may lead to information disclosure, session theft, or client-side request forgery. | 5.4 | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
| Proprietary Code CVE | Description | CVSS Base Score | CVSS Vector String |
| CVE-2022-33935 | Dell Data Protection Advisor versions 19.6 and earlier contains a Stored Cross Site Scripting vulnerability. An attacker may potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a trusted application data store. When a victim user accesses the data store through their browsers, the web browser runs the malicious code in the context of the vulnerable web application. Exploitation may lead to information disclosure, session theft, or client-side request forgery. | 5.4 | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
受影響的產品與補救措施
| Product | Affected Versions | Updated Version | Link to Update |
| Data Protection Advisor |
19.6 and earlier |
19.7 Build B4 | https://www.dell.com/support/home/product-support/product/data-protection-advisor/drivers |
| PowerProtect DP Series Appliance (IDPA) | IDPA 2.7.3 and earlier | IDPA 2.7.2 or IDPA 2.7.3 with DP Advisor 19.8 Build B33 patch |
Steps to upgrade: PowerProtect DP Series Appliance and IDPA: Steps to upgrade DPA or Data Protection Advisor component out of band within the appliance |
| Product | Affected Versions | Updated Version | Link to Update |
| Data Protection Advisor |
19.6 and earlier |
19.7 Build B4 | https://www.dell.com/support/home/product-support/product/data-protection-advisor/drivers |
| PowerProtect DP Series Appliance (IDPA) | IDPA 2.7.3 and earlier | IDPA 2.7.2 or IDPA 2.7.3 with DP Advisor 19.8 Build B33 patch |
Steps to upgrade: PowerProtect DP Series Appliance and IDPA: Steps to upgrade DPA or Data Protection Advisor component out of band within the appliance |
修訂歷史記錄
| Revision | Date | Description |
| 1.0 | 2022-07-25 | Initial Release |
| 2.0 | 2023-03-06 | Added PowerProtect DP Series Appliance (IDPA) to Affected Products and Remediation section. |
| 3.0 | 2023-03-13 | Made some minor changes to links under "Link to Updates column" and Updated the "Affected Products" section under "Article Properties" |
| 4.0 | 2023-03-14 | Made changes to IDPA product-> "Link to Update" column |
| 5.0 | 2023-04-03 | Made changes to "Updated Version" & "Link to update" columns under "Affected Products and Remediation" section |
相關資訊
法律免責聲明
受影響的產品
PowerProtect Data Protection Appliance, Data Protection Advisor, PowerProtect Data Protection Software, Integrated Data Protection Appliance Family, Integrated Data Protection Appliance Software, Product Security Information文章屬性
文章編號: 000201824
文章類型: Dell Security Advisory
上次修改時間: 19 9月 2025
向其他 Dell 使用者尋求您問題的答案
支援服務
檢查您的裝置是否在支援服務的涵蓋範圍內。