DSA-2024-010: Security Update for Dell Data Protection Central for Multiple Third-Party Vulnerabilities

摘要: Dell Data Protection Central remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

本文章適用於 本文章不適用於 本文無關於任何特定產品。 本文未識別所有產品版本。
查看其他資源

影響

Critical

詳細資料

Third-party Component CVEs More Information
IAM service
 		 CVE-2023-36054, CVE-2023-4039, CVE-2023-38039, CVE-2023-25193, CVE-2018-9234, CVE-2023-40217, CVE-2023-31484, CVE-2023-21930, CVE-2023-34035, CVE-2023-24329, CVE-2023-28322 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
node.js CVE-2022-35255, CVE-2023-32002, CVE-2022-43548, CVE-2023-30589, CVE-2023-23918, CVE-2022-32212 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
Apache Tomcat CVE-2023-28709 https://nvd.nist.gov/vuln/detail/CVE-2023-28709 This hyperlink is taking you to a website outside of Dell Technologies.
get-func-name CVE-2023-43646 https://nvd.nist.gov/vuln/detail/CVE-2023-43646 This hyperlink is taking you to a website outside of Dell Technologies.
google guava CVE-2023-2976 https://nvd.nist.gov/vuln/detail/CVE-2023-2976 This hyperlink is taking you to a website outside of Dell Technologies.
cookiejar CVE-2022-25901 https://nvd.nist.gov/vuln/detail/CVE-2022-25901 This hyperlink is taking you to a website outside of Dell Technologies.
semver CVE-2022-25883 https://nvd.nist.gov/vuln/detail/CVE-2022-25883 This hyperlink is taking you to a website outside of Dell Technologies.
Okio CVE-2023-3635 https://nvd.nist.gov/vuln/detail/CVE-2023-3635 This hyperlink is taking you to a website outside of Dell Technologies.
spring boot CVE-2023-20873, CVE-2023-20883 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
spring security CVE-2023-34034 https://nvd.nist.gov/vuln/detail/CVE-2023-34034) This hyperlink is taking you to a website outside of Dell Technologies.

Dell Technologies 建議所有客戶不僅要參考 CVSS 基本分數,也要將可能會影響與特定安全漏洞相關之潛在嚴重性的所有相關暫時和環境分數納入考量。

受影響的產品與補救措施

Product Software/Firmware Affected Versions Remediated Versions Link
Dell Data Protection Central Data Protection Central OS Update (SUSE SLES 12 SP5) Version 19.10 Version 19.10.0-4 Data Protection Central 19.10.0-4
Product Software/Firmware Affected Versions Remediated Versions Link
Dell Data Protection Central Data Protection Central OS Update (SUSE SLES 12 SP5) Version 19.10 Version 19.10.0-4 Data Protection Central 19.10.0-4
Platform: SUSE Linux Enterprise Server 12 SP5
See the latest ‘Dell Data Protection Central 19.10 Release Notes’ in Dell Data Protection Central 19.10 Release Notes | Dell US

修訂歷史記錄

RevisionDateDescription
1.02024-01-17Initial Release

相關資訊

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

法律免責聲明

受影響的產品

Data Protection Central
文章屬性
文章編號: 000221194
文章類型: Dell Security Advisory
上次修改時間: 19 9月 2025
向其他 Dell 使用者尋求您問題的答案
支援服務
檢查您的裝置是否在支援服務的涵蓋範圍內。