Ga naar hoofdinhoud
Uitloggen

Welkom bij Dell

Mijn account
  • Snel en eenvoudig bestellen
  • Bestellingen en de verzendstatus bekijken
  • Een lijst met producten maken en openen
  • Beheer uw Dell EMC locaties, producten en contactpersonen op productniveau met Company Administration.
Inloggen Een account maken Inloggen bij Premier Aanmelden voor partnerprogramma
Contact

Uw Dell.com-winkelwagentjes

Artikelnummer: 000225289

DSA-2024-229: Security Update for Dell ThinOS Vulnerabilities

Samenvatting: Dell ThinOS remediation is available for multiple vulnerabilities that could be exploited by malicious users to compromise the affected system.

Article content

Impact

Critical

Gegevens

Third-party Component CVEs More Information
Liquidware CVE-2016-0718, CVE-2012-6702, CVE-2016-5300, CVE-2016-4472, CVE-2017-9233, CVE-2018-20843, CVE-2019-15903, CVE-2021-45960, CVE-2021-46143, CVE-2022-22822, CVE-2022-22823, CVE-2022-22824, CVE-2022-22825, CVE-2022-22826, CVE-2022-22827, CVE-2022-23852, CVE-2022-23990, CVE-2022-25235, CVE-2022-25236, CVE-2022-25313, CVE-2022-25314, CVE-2022-25315, CVE-2022-40674, CVE-2022-43680, CVE-2020-1968, CVE-2020-1971, CVE-2021-23839, CVE-2021-23840, CVE-2021-23841, CVE-2021-3712, CVE-2021-4160, CVE-2022-0778, CVE-2022-1292, CVE-2022-2068, CVE-2022-4304, CVE-2023-0215, CVE-2023-0286, CVE-2023-0464, CVE-2023-0465, CVE-2023-0466, CVE-2023-2650, CVE-2023-3817, CVE-2023-5678, CVE-2024-0727 See NVD Link below for individual scores for each CVE.
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
Cisco Jabber CVE-2023-46218 See NVD Link below for individual scores for each CVE.
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
Cisco Webex Meetings VDI CVE-2022-45142, CVE-2022-4304, CVE-2022-4450, CVE-2023-0215, CVE-2023-0286, CVE-2023-0464, CVE-2023-0465, CVE-2023-0466, CVE-2023-2650, CVE-2023-3817, CVE-2023-4807, CVE-2023-5678, CVE-2024-0727, CVE-2022-41409, CVE-2021-38593, CVE-2021-45930, CVE-2022-25255, CVE-2022-25634, CVE-2023-24607, CVE-2023-32573, CVE-2023-33285, CVE-2023-32762, CVE-2023-32763, CVE-2023-34410, CVE-2023-38197, CVE-2023-37369, CVE-2023-43114, CVE-2023-51714, CVE-2017-10989, CVE-2018-8740, CVE-2018-20346, CVE-2018-20505, CVE-2018-20506, CVE-2019-8457, CVE-2019-16168, CVE-2019-19645, CVE-2019-19646, CVE-2020-11655, CVE-2020-11656, CVE-2020-13434, CVE-2020-13435, CVE-2020-13630, CVE-2020-13631, CVE-2020-13632, CVE-2020-15358, CVE-2022-35737, CVE-2023-7104, CVE-2022-37434, CVE-2023-45853 See NVD Link below for individual scores for each CVE.
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
Cisco Webex App VDI CVE-2022-22576, CVE-2022-27774, CVE-2022-27775, CVE-2022-27776, CVE-2022-27781, CVE-2022-27782, CVE-2022-32205, CVE-2022-32206, CVE-2022-32207, CVE-2022-32208, CVE-2022-35252, CVE-2022-42916, CVE-2022-42915, CVE-2022-32221, CVE-2022-43551, CVE-2022-43552, CVE-2023-23914, CVE-2023-23915, CVE-2023-23916, CVE-2023-27533, CVE-2023-27534, CVE-2023-27535, CVE-2023-27536, CVE-2023-27538, CVE-2023-28319, CVE-2023-28320, CVE-2023-28321, CVE-2023-28322, CVE-2023-38545, CVE-2023-38546, CVE-2023-46218 See NVD Link below for individual scores for each CVE.
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
VMWare Horizon Client CVE-2023-46218, CVE-2023-46219, CVE-2023-46218, CVE-2023-46219, CVE-2023-3316, CVE-2023-40745, CVE-2023-41175, CVE-2023-52355, CVE-2023-0464, CVE-2023-0465, CVE-2023-0466, CVE-2023-1255, CVE-2023-2650, CVE-2023-2975, CVE-2023-3817, CVE-2023-4807, CVE-2023-5363, CVE-2023-5678, CVE-2023-6129, CVE-2024-0727 See NVD Link below for individual scores for each CVE.
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
Zoom Universal CVE-2023-2975, CVE-2023-3817, CVE-2023-4807, CVE-2023-5363 See NVD Link below for individual scores for each CVE.
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
Amazon WorkSpaces CVE-2023-52425, CVE-2023-52426, CVE-2023-52355, CVE-2021-30123, CVE-2021-33815, CVE-2021-38114, CVE-2021-38171, CVE-2022-1475, CVE-2022-3964, CVE-2022-3109, CVE-2022-3341, CVE-2022-48434, CVE-2023-46407, CVE-2023-47470, CVE-2024-22860, CVE-2024-22862, CVE-2024-22861, CVE-2023-45853 See NVD Link below for individual scores for each CVE.
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

Proprietary Code CVEs Description CVSS Base Score CVSS Vector String
CVE-2024-30472 Telemetry Dashboard v1.0.0.8 for Dell ThinOS 2402 contains a sensitive information disclosure vulnerability. An unauthenticated user with local access to the device could exploit this vulnerability leading to information disclosure.   7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NThis hyperlink is taking you to a website outside of Dell Technologies.
Proprietary Code CVEs Description CVSS Base Score CVSS Vector String
CVE-2024-30472 Telemetry Dashboard v1.0.0.8 for Dell ThinOS 2402 contains a sensitive information disclosure vulnerability. An unauthenticated user with local access to the device could exploit this vulnerability leading to information disclosure.   7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NThis hyperlink is taking you to a website outside of Dell Technologies.
Dell Technologies raadt aan dat alle klanten rekening houden met zowel de basisscore van CVSS als alle relevante tijdelijke en omgevingsscores die gevolgen kunnen hebben voor de mogelijke ernst van de specifieke beveiligingsproblemen.

Getroffen producten en herstel

CVEs Addressed Product Software/Firmware Affected Versions Remediated Versions Release Date Link
CVE-2024-30472 ThinOS Telemetry Dashboard Telemetry Dashboard v1.0.0.8 on Thin OS 2402 Telemetry Dashboard v1.1.0.6 on Thin OS 2405 05/30/2024 ThinOS 2405 (9.5.2109) Telemetry Dashboard v1.1.0.6 | Driver Details
 
CVE-2016-0718, CVE-2012-6702, CVE-2016-5300, CVE-2016-4472, CVE-2017-9233, CVE-2018-20843, CVE-2019-15903, CVE-2021-45960, CVE-2021-46143, CVE-2022-22822, CVE-2022-22823, CVE-2022-22824, CVE-2022-22825, CVE-2022-22826, CVE-2022-22827, CVE-2022-23852, CVE-2022-23990, CVE-2022-25235, CVE-2022-25236, CVE-2022-25313, CVE-2022-25314, CVE-2022-25315, CVE-2022-40674, CVE-2022-43680, CVE-2020-1968, CVE-2020-1971, CVE-2021-23839, CVE-2021-23840, CVE-2021-23841, CVE-2021-3712, CVE-2021-4160, CVE-2022-0778, CVE-2022-1292, CVE-2022-2068, CVE-2022-4304, CVE-2023-0215, CVE-2023-0286, CVE-2023-0464, CVE-2023-0465, CVE-2023-0466, CVE-2023-2650, CVE-2023-3817, CVE-2023-5678, CVE-2024-0727 ThinOS Liquidware Liquidware_Stratusphere_UX_Connector_ID_Agent_6.6.2.5.10 on Thin OS 2402 Liquidware_Stratusphere_UX_Connector_ID_Agent_6.7.0.2.2 on Thin OS 2405 05/30/2024 ThinOS 2405 (9.5.2109) Liquidware Stratusphere UX Connector ID Agent v6.7.0.2.2 | Driver Details
CVE-2023-46218 THinOS Cisco Jabber Cisco_Jabber_14.3.0.308378.8 on Thin OS 2402 Cisco_Jabber_14.3.0.308378.11 on Thin OS 2405 05/30/2024 ThinOS 2405 (9.5.2109) Cisco Jabber package v14.3.0.308378.11 | Driver Details
CVE-2022-45142, CVE-2022-4304, CVE-2022-4450, CVE-2023-0215, CVE-2023-0286, CVE-2023-0464, CVE-2023-0465, CVE-2023-0466, CVE-2023-2650, CVE-2023-3817, CVE-2023-4807, CVE-2023-5678, CVE-2024-0727, CVE-2022-41409, CVE-2021-38593, CVE-2021-45930, CVE-2022-25255, CVE-2022-25634, CVE-2023-24607, CVE-2023-32573, CVE-2023-33285, CVE-2023-32762, CVE-2023-32763, CVE-2023-34410, CVE-2023-38197, CVE-2023-37369, CVE-2023-43114, CVE-2023-51714, CVE-2017-10989, CVE-2018-8740, CVE-2018-20346, CVE-2018-20505, CVE-2018-20506, CVE-2019-8457, CVE-2019-16168, CVE-2019-19645, CVE-2019-19646, CVE-2020-11655, CVE-2020-11656, CVE-2020-13434, CVE-2020-13435, CVE-2020-13630, CVE-2020-13631, CVE-2020-13632, CVE-2020-15358, CVE-2022-35737, CVE-2023-7104, CVE-2022-37434, CVE-2023-45853 ThinOS Cisco Webex Meetings VDI Cisco_Webex_Meetings_VDI_43.10.2.11.3 on Thin OS 2402
 		 Cisco_Webex_Meetings_VDI_44.2.0.76.2 on Thin OS 2405 05/30/2024 ThinOS 2405 (9.5.2109) Cisco Webex Meetings VDI package v44.2.0.76.2 | Driver Details
CVE-2022-22576,
CVE-2022-27774,
CVE-2022-27775,
CVE-2022-27776,
CVE-2022-27781,
CVE-2022-27782,
CVE-2022-32205,
CVE-2022-32206,
CVE-2022-32207,
CVE-2022-32208,
CVE-2022-35252,
CVE-2022-42916,
CVE-2022-42915,
CVE-2022-32221,
CVE-2022-43551,
CVE-2022-43552,
CVE-2023-23914,
CVE-2023-23915,
CVE-2023-23916,
CVE-2023-27533,
CVE-2023-27534,
CVE-2023-27535,
CVE-2023-27536,
CVE-2023-27538,
CVE-2023-28319,
CVE-2023-28320,
CVE-2023-28321,
CVE-2023-28322,
CVE-2023-38545,
CVE-2023-38546,
CVE-2023-46218		 ThinOS Cisco Webex App VDI Cisco_Webex_App_VDI_43.10.0.27605.4 on Thin OS 2402 Cisco_Webex_App_VDI_44.2.0.28744.1 on Thin OS 2405 05/30/2024 ThinOS 2405 (9.5.2109) Cisco Webex VDI package v44.2.0.28744.1 | Driver Details
CVE-2023-46218, CVE-2023-46219, CVE-2023-46218, CVE-2023-46219, CVE-2023-3316, CVE-2023-40745, CVE-2023-41175, CVE-2023-52355, CVE-2023-0464, CVE-2023-0465, CVE-2023-0466, CVE-2023-1255, CVE-2023-2650, CVE-2023-2975, CVE-2023-3817, CVE-2023-4807, CVE-2023-5363, CVE-2023-5678, CVE-2023-6129, CVE-2024-0727 ThinOS VMWare Horizon Client VMware_Horizon_2309.8.11.0.22660930.37 on Thin OS 2402 VMware_Horizon_2312.1.8.12.1.5 on Thin OS 2405 05/30/2024 ThinOS 2405 (9.5.2109) VMware Horizon package v2312.1.8.12.1.5 | Driver Details
CVE-2023-2975, CVE-2023-3817, CVE-2023-4807, CVE-2023-5363 ThinOS Zoom Universal Zoom_Universal_5.16.10.24420.6 on Thin OS 2402 Zoom_Universal_5.17.10.24730.2 on Thin OS 2405 05/30/2024 ThinOS 2405 (9.5.2109) Zoom Universal package v5.17.10.24730.2 | Driver Details
CVEs Addressed Product Software/Firmware Affected Versions Remediated Versions Release Date Link
CVE-2024-30472 ThinOS Telemetry Dashboard Telemetry Dashboard v1.0.0.8 on Thin OS 2402 Telemetry Dashboard v1.1.0.6 on Thin OS 2405 05/30/2024 ThinOS 2405 (9.5.2109) Telemetry Dashboard v1.1.0.6 | Driver Details
 
CVE-2016-0718, CVE-2012-6702, CVE-2016-5300, CVE-2016-4472, CVE-2017-9233, CVE-2018-20843, CVE-2019-15903, CVE-2021-45960, CVE-2021-46143, CVE-2022-22822, CVE-2022-22823, CVE-2022-22824, CVE-2022-22825, CVE-2022-22826, CVE-2022-22827, CVE-2022-23852, CVE-2022-23990, CVE-2022-25235, CVE-2022-25236, CVE-2022-25313, CVE-2022-25314, CVE-2022-25315, CVE-2022-40674, CVE-2022-43680, CVE-2020-1968, CVE-2020-1971, CVE-2021-23839, CVE-2021-23840, CVE-2021-23841, CVE-2021-3712, CVE-2021-4160, CVE-2022-0778, CVE-2022-1292, CVE-2022-2068, CVE-2022-4304, CVE-2023-0215, CVE-2023-0286, CVE-2023-0464, CVE-2023-0465, CVE-2023-0466, CVE-2023-2650, CVE-2023-3817, CVE-2023-5678, CVE-2024-0727 ThinOS Liquidware Liquidware_Stratusphere_UX_Connector_ID_Agent_6.6.2.5.10 on Thin OS 2402 Liquidware_Stratusphere_UX_Connector_ID_Agent_6.7.0.2.2 on Thin OS 2405 05/30/2024 ThinOS 2405 (9.5.2109) Liquidware Stratusphere UX Connector ID Agent v6.7.0.2.2 | Driver Details
CVE-2023-46218 THinOS Cisco Jabber Cisco_Jabber_14.3.0.308378.8 on Thin OS 2402 Cisco_Jabber_14.3.0.308378.11 on Thin OS 2405 05/30/2024 ThinOS 2405 (9.5.2109) Cisco Jabber package v14.3.0.308378.11 | Driver Details
CVE-2022-45142, CVE-2022-4304, CVE-2022-4450, CVE-2023-0215, CVE-2023-0286, CVE-2023-0464, CVE-2023-0465, CVE-2023-0466, CVE-2023-2650, CVE-2023-3817, CVE-2023-4807, CVE-2023-5678, CVE-2024-0727, CVE-2022-41409, CVE-2021-38593, CVE-2021-45930, CVE-2022-25255, CVE-2022-25634, CVE-2023-24607, CVE-2023-32573, CVE-2023-33285, CVE-2023-32762, CVE-2023-32763, CVE-2023-34410, CVE-2023-38197, CVE-2023-37369, CVE-2023-43114, CVE-2023-51714, CVE-2017-10989, CVE-2018-8740, CVE-2018-20346, CVE-2018-20505, CVE-2018-20506, CVE-2019-8457, CVE-2019-16168, CVE-2019-19645, CVE-2019-19646, CVE-2020-11655, CVE-2020-11656, CVE-2020-13434, CVE-2020-13435, CVE-2020-13630, CVE-2020-13631, CVE-2020-13632, CVE-2020-15358, CVE-2022-35737, CVE-2023-7104, CVE-2022-37434, CVE-2023-45853 ThinOS Cisco Webex Meetings VDI Cisco_Webex_Meetings_VDI_43.10.2.11.3 on Thin OS 2402
 		 Cisco_Webex_Meetings_VDI_44.2.0.76.2 on Thin OS 2405 05/30/2024 ThinOS 2405 (9.5.2109) Cisco Webex Meetings VDI package v44.2.0.76.2 | Driver Details
CVE-2022-22576,
CVE-2022-27774,
CVE-2022-27775,
CVE-2022-27776,
CVE-2022-27781,
CVE-2022-27782,
CVE-2022-32205,
CVE-2022-32206,
CVE-2022-32207,
CVE-2022-32208,
CVE-2022-35252,
CVE-2022-42916,
CVE-2022-42915,
CVE-2022-32221,
CVE-2022-43551,
CVE-2022-43552,
CVE-2023-23914,
CVE-2023-23915,
CVE-2023-23916,
CVE-2023-27533,
CVE-2023-27534,
CVE-2023-27535,
CVE-2023-27536,
CVE-2023-27538,
CVE-2023-28319,
CVE-2023-28320,
CVE-2023-28321,
CVE-2023-28322,
CVE-2023-38545,
CVE-2023-38546,
CVE-2023-46218		 ThinOS Cisco Webex App VDI Cisco_Webex_App_VDI_43.10.0.27605.4 on Thin OS 2402 Cisco_Webex_App_VDI_44.2.0.28744.1 on Thin OS 2405 05/30/2024 ThinOS 2405 (9.5.2109) Cisco Webex VDI package v44.2.0.28744.1 | Driver Details
CVE-2023-46218, CVE-2023-46219, CVE-2023-46218, CVE-2023-46219, CVE-2023-3316, CVE-2023-40745, CVE-2023-41175, CVE-2023-52355, CVE-2023-0464, CVE-2023-0465, CVE-2023-0466, CVE-2023-1255, CVE-2023-2650, CVE-2023-2975, CVE-2023-3817, CVE-2023-4807, CVE-2023-5363, CVE-2023-5678, CVE-2023-6129, CVE-2024-0727 ThinOS VMWare Horizon Client VMware_Horizon_2309.8.11.0.22660930.37 on Thin OS 2402 VMware_Horizon_2312.1.8.12.1.5 on Thin OS 2405 05/30/2024 ThinOS 2405 (9.5.2109) VMware Horizon package v2312.1.8.12.1.5 | Driver Details
CVE-2023-2975, CVE-2023-3817, CVE-2023-4807, CVE-2023-5363 ThinOS Zoom Universal Zoom_Universal_5.16.10.24420.6 on Thin OS 2402 Zoom_Universal_5.17.10.24730.2 on Thin OS 2405 05/30/2024 ThinOS 2405 (9.5.2109) Zoom Universal package v5.17.10.24730.2 | Driver Details

Bevestigingen

CVE-2024-30472: Dell would like to thank matrixpdb for reporting this issue.
 

Revisiegeschiedenis

Revision DateDescription
1.02024-06-12Initial Release
2.02024-07-19Removed CVE-2023-5217 from Third-Party Component Table and the Affected Products and Remediation Table 

Verwante informatie

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Juridische informatie

Artikeleigenschappen

Getroffen product

Wyse ThinOS

Datum laatst gepubliceerd

16 jul. 2024

Artikeltype

Dell Security Advisory

Terug naar boven