Ga naar hoofdinhoud
Uitloggen

Welkom bij Dell

Mijn account
  • Snel en eenvoudig bestellen
  • Bestellingen en de verzendstatus bekijken
  • Een lijst met producten maken en openen
Inloggen Een account maken Inloggen bij Premier Aanmelden voor partnerprogramma
Contact

Uw Dell.com-winkelwagentjes

DSA-2024-192: Security Update for Data Protection Advisor and PowerProtect DP Series Appliance (IDPA) for Multiple Vulnerabilities

Samenvatting: Data Protection Advisor and PowerProtect DP Series Appliance (IDPA) remediation is available for multiple third-party vulnerabilities that could be exploited by malicious users to compromise the affected system. ...

Dit artikel is van toepassing op Dit artikel is niet van toepassing op Dit artikel is niet gebonden aan een specifiek product. Niet alle productversies worden in dit artikel vermeld.
Bekijk andere hulpbronnen

Impact

High

Gegevens

Third-party Component CVEs More Information

Oracle Java SE (JRE8u401)

 CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-20922, CVE-2024-20923, CVE-2024-20925, CVE-2024-20926, CVE-2024-20932, CVE-2024-20945, CVE-2024-20952 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
 

Proprietary Code CVEs Description CVSS Base Score CVSS Vector String
CVE-2024-28974 Dell Data Protection Advisor, version(s) 19.9, contain(s) an Inadequate Encryption Strength vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service. 7.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:HThis hyperlink is taking you to a website outside of Dell Technologies.
Proprietary Code CVEs Description CVSS Base Score CVSS Vector String
CVE-2024-28974 Dell Data Protection Advisor, version(s) 19.9, contain(s) an Inadequate Encryption Strength vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service. 7.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:HThis hyperlink is taking you to a website outside of Dell Technologies.
Dell Technologies raadt aan dat alle klanten rekening houden met zowel de basisscore van CVSS als alle relevante tijdelijke en omgevingsscores die gevolgen kunnen hebben voor de mogelijke ernst van de specifieke beveiligingsproblemen.

Getroffen producten en herstel

CVE(s) Addressed  Product Affected Versions Remediated Versions Link 
CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-20922, CVE-2024-20923, CVE-2024-20925, CVE-2024-20926, CVE-2024-20932, CVE-2024-20945, CVE-2024-20952, CVE-2024-28974
 		 Dell Protection Advisor Versions 19.5 through 19.9 Data Protection Advisor Agent 19.9 Build B120 or later https://www.dell.com/support/home/product-support/product/data-protection-advisor/drivers
CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-20922, CVE-2024-20923, CVE-2024-20925, CVE-2024-20926, CVE-2024-20932, CVE-2024-20945, CVE-2024-20952, CVE-2024-28974 PowerProtect DP Series Appliance (IDPA) Version 2.7.6 and prior Version 2.7.6 with Data Protection Advisor Agent 19.9 Build B120 https://www.dell.com/support/home/product-support/product/data-protection-advisor/drivers
CVE(s) Addressed  Product Affected Versions Remediated Versions Link 
CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-20922, CVE-2024-20923, CVE-2024-20925, CVE-2024-20926, CVE-2024-20932, CVE-2024-20945, CVE-2024-20952, CVE-2024-28974
 		 Dell Protection Advisor Versions 19.5 through 19.9 Data Protection Advisor Agent 19.9 Build B120 or later https://www.dell.com/support/home/product-support/product/data-protection-advisor/drivers
CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-20922, CVE-2024-20923, CVE-2024-20925, CVE-2024-20926, CVE-2024-20932, CVE-2024-20945, CVE-2024-20952, CVE-2024-28974 PowerProtect DP Series Appliance (IDPA) Version 2.7.6 and prior Version 2.7.6 with Data Protection Advisor Agent 19.9 Build B120 https://www.dell.com/support/home/product-support/product/data-protection-advisor/drivers

Revisiegeschiedenis

RevisionDateDescription
1.02024-05-15Initial Release
2.02024-05-27Added CVE-2024-28974 to "PROPRIERTARY CODE" as well as "AFFECTED PRODUCTS AND REMEDIATION" section.
3.02024-05-28Updated for enhanced format presentation with no change to content

Verwante informatie

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Juridische verklaring van afstand

Getroffen producten

Data Protection Advisor, Integrated Data Protection Appliance Family, Integrated Data Protection Appliance Software, Product Security Information
Artikeleigenschappen
Artikelnummer: 000225088
Artikeltype: Dell Security Advisory
Laatst aangepast: 28 mei 2024
Vind antwoorden op uw vragen via andere Dell gebruikers
Support Services
Controleer of uw apparaat wordt gedekt door Support Services.