Ga naar hoofdinhoud
Uitloggen

Welkom bij Dell

Mijn account
  • Snel en eenvoudig bestellen
  • Bestellingen en de verzendstatus bekijken
  • Een lijst met producten maken en openen
  • Beheer uw Dell EMC locaties, producten en contactpersonen op productniveau met Company Administration.
Inloggen Een account maken Inloggen bij Premier Aanmelden voor partnerprogramma
Contact

Uw Dell.com-winkelwagentjes

Artikelnummer: 000224731

DSA-2024-191: Security Update for Dell Enterprise SONiC Distribution Vulnerabilities

Samenvatting: Dell Enterprise SONiC remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

Article content

Impact

High

Gegevens

Third-party Component CVEs More Information
curl CVE-2023-27534, CVE-2023-28321, CVE-2023-28322, CVE-2023-38546, CVE-2023-46218 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
dbus CVE-2023-34969 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
grub2 CVE-2023-4692, CVE-2023-4693 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
libgnutls30 (gnutls28) CVE-2023-5981, CVE-2024-0553 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
libisc-export1100 (bind9) CVE-2023-3341 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
libkrb5-3 (krb5) CVE-2023-36054 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
libnghttp2-14 (nghttp2) CVE-2020-11080, CVE-2023-44487 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
libx11 CVE-2023-43785, CVE-2023-43786, CVE-2023-43787 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
libxpm4 CVE-2023-43788, CVE-2023-43789 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
ncurses CVE-2023-29491, CVE-2021-39537 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
openssh CVE-2021-41617, CVE-2023-48795, CVE-2023-51385 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
python2.7 CVE-2024-0450 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
python3.7 CVE-2023-40217, CVE-2022-48560, CVE-2022-48564, CVE-2022-48565, CVE-2022-48566, CVE-2023-6597, CVE-2024-0450 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
sudo-ldap (sudo) CVE-2023-28486, CVE-2023-28487, CVE-2023-7090 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
tar CVE-2023-39804 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

Dell Technologies raadt aan dat alle klanten rekening houden met zowel de basisscore van CVSS als alle relevante tijdelijke en omgevingsscores die gevolgen kunnen hebben voor de mogelijke ernst van de specifieke beveiligingsproblemen.

Getroffen producten en herstel

Product Affected Versions Remediated Versions Link
Enterprise SONiC Distribution Versions prior to 4.2.1  4.2.1  Enterprise SONiC OS 4.2.1
Product Affected Versions Remediated Versions Link
Enterprise SONiC Distribution Versions prior to 4.2.1  4.2.1  Enterprise SONiC OS 4.2.1

Revisiegeschiedenis

RevisionDateDescription
1.02024-05-02Initial release

Verwante informatie

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Juridische informatie

Artikeleigenschappen

Getroffen product

Enterprise SONiC Distribution

Datum laatst gepubliceerd

02 mei 2024

Artikeltype

Dell Security Advisory

Terug naar boven