Zu den Hauptinhalten
Abmelden

Willkommen bei Dell

Mein Konto
  • Bestellungen schnell und einfach aufgeben
  • Bestellungen anzeigen und den Versandstatus verfolgen
  • Profitieren Sie von exklusiven Prämien und Rabatten für Mitglieder
  • Erstellen Sie eine Liste Ihrer Produkte, auf die Sie jederzeit zugreifen können.
  • Verwalten Sie mit der Unternehmensverwaltung Ihre Dell EMC Seiten, Produkte und produktspezifischen Kontakte.
Anmelden Konto erstellen Premier-Anmeldung Anmeldung beim Partnerprogramm
Kontakt

Ihr Warenkorb bei Dell.com

Artikelnummer: 000226426

DSA-2024-250: Security update for Dell Avamar, Dell Integrated Data Protection Appliance (IDPA) Security Update for Multiple Vulnerabilities

Zusammenfassung: Dell Avamar, Dell Integrated Data Protection Appliance (IDPA) remediation is available for multiple vulnerabilities that could be exploited by malicious users to compromise the affected system. ...

Artikelinhalt

Auswirkungen

Critical

Details

Third-party Component CVEs More Information
BIOS-Gen5A CVE-2024-0172, CVE-2022-40982, CVE-2022-43505, CVE-2024-0154, CVE-2024-0173, CVE-2024-0161, CVE-2023-39432, CVE-2023-33870, CVE-2023-29153, CVE-2023-47165, CVE-2024-21828 See NVD link below for individual scores for each CVE. 
https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
ADS Gen4T AMI BIOS Europa 2U CVE-2021-3711, CVE-2021-3712, CVE-2022-0778, CVE-2020-8670, CVE-2022-21233, CVE-2022-26074, CVE-2021-33060, CVE-2021-28216, CVE-2022-21198, CVE-2022-26845, CVE-2022-29893, CVE-2022-27497, CVE-2022-33159, CVE-2022-26343, CVE-2022-26006, CVE-2021-0187, CVE-2022-26837, CVE-2022-29466, CVE-2022-29515, CVE-2021-30004, CVE-2022-36372, CVE-2017-5715 See NVD link below for individual scores for each CVE. 
https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
ADS Openssl Gen4T CVE-2023-0215, CVE-2022-4450, CVE-2023-0286, CVE-2022-4304 See NVD link below for individual scores for each CVE. 
https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
Gen4T Tianocore EDK2 CVE-2021-38578 See NVD link below for individual scores for each CVE. 
https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

Dell Technologies empfiehlt allen Kunden, sowohl die CVSS-Gesamtbewertung als auch alle relevanten zeitlichen und umweltbezogenen Bewertungen zu berücksichtigen, die sich auf den potenziellen Schweregrad einer bestimmten Sicherheitsschwachstelle auswirken können.

Betroffene Produkte und Problembehebung

CVEs Addressed Product Software/Firmware Affected Versions Remediated Versions Link
CVE-2024-0172, CVE-2022-40982, CVE-2022-43505, CVE-2024-0154, CVE-2024-0173, CVE-2024-0161, CVE-2023-39432, CVE-2023-33870, CVE-2023-29153, CVE-2023-47165, CVE-2024-21828 Dell Avamar Data Store Gen5A Dell Avamar operating system ADS Gen5A Avamar Gen5a Dec 2023 firmware block update for server nodes (Hotfix 338797) https://www.dell.com/support/home
CVE-2021-3711, CVE-2021-3712, CVE-2022-0778, CVE-2020-8670, CVE-2022-21233, CVE-2022-26074, CVE-2021-33060, CVE-2021-28216, CVE-2022-21198, CVE-2022-26845, CVE-2022-29893, CVE-2022-27497, CVE-2022-33159, CVE-2022-26343, CVE-2022-26006, CVE-2021-0187, CVE-2022-26837, CVE-2022-29466, CVE-2022-29515, CVE-2021-30004, CVE-2022-36372, CVE-2017-5715, CVE-2023-0215, CVE-2022-4450, CVE-2023-0286, CVE-2022-4304, CVE-2021-38578 Dell Avamar Data Store Gen4T Dell Avamar operating system ADS Gen4T Avamar Gen4T 18.12 firmware block update for server nodes (Hotfix 338783) https://www.dell.com/support/home
CVE-2021-3711, CVE-2021-3712, CVE-2022-0778, CVE-2020-8670, CVE-2022-21233, CVE-2022-26074, CVE-2021-33060, CVE-2021-28216, CVE-2022-21198, CVE-2022-26845, CVE-2022-29893, CVE-2022-27497, CVE-2022-33159, CVE-2022-26343, CVE-2022-26006, CVE-2021-0187, CVE-2022-26837, CVE-2022-29466, CVE-2022-29515, CVE-2021-30004, CVE-2022-36372, CVE-2017-5715, CVE-2023-0215, CVE-2022-4450, CVE-2023-0286, CVE-2022-4304, CVE-2021-38578 Dell Power Protect DP Series (Integrated Data Protection Appliance (IDPA)) Dell Avamar operating system Version 2.7.6 and prior (only 8x Models) IDPA 2.7.6 Avamar Gen4T 18.12 firmware block update for server nodes (Hotfix 338783) https://www.dell.com/support/home
CVEs Addressed Product Software/Firmware Affected Versions Remediated Versions Link
CVE-2024-0172, CVE-2022-40982, CVE-2022-43505, CVE-2024-0154, CVE-2024-0173, CVE-2024-0161, CVE-2023-39432, CVE-2023-33870, CVE-2023-29153, CVE-2023-47165, CVE-2024-21828 Dell Avamar Data Store Gen5A Dell Avamar operating system ADS Gen5A Avamar Gen5a Dec 2023 firmware block update for server nodes (Hotfix 338797) https://www.dell.com/support/home
CVE-2021-3711, CVE-2021-3712, CVE-2022-0778, CVE-2020-8670, CVE-2022-21233, CVE-2022-26074, CVE-2021-33060, CVE-2021-28216, CVE-2022-21198, CVE-2022-26845, CVE-2022-29893, CVE-2022-27497, CVE-2022-33159, CVE-2022-26343, CVE-2022-26006, CVE-2021-0187, CVE-2022-26837, CVE-2022-29466, CVE-2022-29515, CVE-2021-30004, CVE-2022-36372, CVE-2017-5715, CVE-2023-0215, CVE-2022-4450, CVE-2023-0286, CVE-2022-4304, CVE-2021-38578 Dell Avamar Data Store Gen4T Dell Avamar operating system ADS Gen4T Avamar Gen4T 18.12 firmware block update for server nodes (Hotfix 338783) https://www.dell.com/support/home
CVE-2021-3711, CVE-2021-3712, CVE-2022-0778, CVE-2020-8670, CVE-2022-21233, CVE-2022-26074, CVE-2021-33060, CVE-2021-28216, CVE-2022-21198, CVE-2022-26845, CVE-2022-29893, CVE-2022-27497, CVE-2022-33159, CVE-2022-26343, CVE-2022-26006, CVE-2021-0187, CVE-2022-26837, CVE-2022-29466, CVE-2022-29515, CVE-2021-30004, CVE-2022-36372, CVE-2017-5715, CVE-2023-0215, CVE-2022-4450, CVE-2023-0286, CVE-2022-4304, CVE-2021-38578 Dell Power Protect DP Series (Integrated Data Protection Appliance (IDPA)) Dell Avamar operating system Version 2.7.6 and prior (only 8x Models) IDPA 2.7.6 Avamar Gen4T 18.12 firmware block update for server nodes (Hotfix 338783) https://www.dell.com/support/home
  • The CVEs remedied by this security update are included in this security Advisory. The list not only have the new CVEs remedied by this update, but all the past CVEs included in this cumulative update. 
  • Dell recommends that you always upgrade to the latest release/version for your product.
  • The README file for both Gen5A and Gen4T AVP are Gen5A Dec 2023 Block & Gen4T 18.12 AVP respectively.
  • Certain old BIOS firmware versions may fail to upgrade:
    • Attempting to update BIOS version 2.4.8 to 2.21.2 is known to fail.
    • Attempting to update BIOS version 2.9.4 to 2.21.2 is known to fail.
  • Remedy
    • If the BIOS version is lower than 2.12.2, then contact Dell Customer Support to apply the “September 2021 firmware block AVP(Gen5aSep2021Blk338753.avp)”, before attempting to update to the Dec 2023 firmware block release.
    • To know the BIOS version, run the following command as admin/root user in the Avamar console.
      • “omreport system version”
  • Customers should contact Dell support to install the Firmware release. To schedule platform security patch installation, or to upgrade your server, contact Dell Customer Support at https://www.dell.com/support/home/product-support/product/avamar/drivers

Revisionsverlauf

Revision DateDescription
1.02024-06-26 Initial Release

Zugehörige Informationen

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Rechtliche Hinweise

Artikeleigenschaften

Betroffenes Produkt

Avamar, Avamar, Avamar Data Store, Avamar Data Store Gen4T, Avamar Data Store Gen5A, Integrated Data Protection Appliance Family, Integrated Data Protection Appliance Software, Product Security Information

Letztes Veröffentlichungsdatum

26 Juni 2024

Artikeltyp

Dell Security Advisory

Zurück zum Anfang