Willkommen
Dell Standorte
Dell Standorte
Willkommen bei Dell
Mein Konto
- Bestellungen schnell und einfach aufgeben
- Bestellungen anzeigen und den Versandstatus verfolgen
- Profitieren Sie von exklusiven Prämien und Rabatten für Mitglieder
- Erstellen Sie eine Liste Ihrer Produkte, auf die Sie jederzeit zugreifen können.
DSA-2024-239: Security Update Dell ECS 3.8.1.1 for Multiple Security Vulnerabilities
Zusammenfassung: Dell ECS remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system.
Dieser Artikel gilt für
Dieser Artikel gilt nicht für
Auswirkungen
Critical
Details
| Third-Party Component | CVEs | More Information |
|---|---|---|
| apache/xerces-c | CVE-2023-37536 | https://nvd.nist.gov/vuln/detail/CVE-2023-37536  |
| containerd | CVE-2022-1996 | https://nvd.nist.gov/vuln/detail/CVE-2022-1996 |
| GNU GRUB | CVE-2023-4692 | https://nvd.nist.gov/vuln/detail/CVE-2023-4692 |
| Java | CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-20926, CVE-2024-20932, CVE-2024-20945, CVE-2024-20952, CVE-2024-21011, CVE-2024-21012, CVE-2024-21068, CVE-2024-21085, CVE-2024-21094 | See NVD link below for Individual scores for each CVE. https://nvd.nist.gov |
| Kernel | CVE-2023-3090, CVE-2023-3863, CVE-2023-39198, CVE-2023-4622, CVE-2023-4623, CVE-2023-5717, CVE-2023-6270, CVE-2023-6931, CVE-2023-6932 | See NVD link below for Individual scores for each CVE. https://nvd.nist.gov |
| krb5/krb5 | CVE-2023-36054 | https://nvd.nist.gov/vuln/detail/CVE-2023-36054 |
| libTIFF | CVE-2023-26965 | https://nvd.nist.gov/vuln/detail/CVE-2023-26965 |
| nghttp2 | CVE-2023-35945 | https://nvd.nist.gov/vuln/detail/CVE-2023-35945 |
| openSSH | CVE-2023-48795, CVE-2023-51385 | See NVD link below for Individual scores for each CVE. https://nvd.nist.gov |
| OpenSSL | CVE-2023-5678 | https://nvd.nist.gov/vuln/detail/CVE-2023-5678 |
| Python | CVE-2023-40217 | https://nvd.nist.gov/vuln/detail/CVE-2023-40217 |
| python3 | CVE-2023-27043, CVE-2023-40217, CVE-2023-6597 | See NVD link below for Individual scores for each CVE. https://nvd.nist.gov |
| Vim | CVE-2023-2610, CVE-2023-4733, CVE-2023-4738, CVE-2023-4750, CVE-2023-4752, CVE-2023-4781, CVE-2023-5535 | See NVD link below for Individual scores for each CVE. https://nvd.nist.gov |
| vorbis-tools | CVE-2023-43361 | https://nvd.nist.gov/vuln/detail/CVE-2023-43361 |
| Proprietary Code CVE | Description | CVSS Base Score | CVSS Vector String |
|---|---|---|---|
| CVE-2024-30473 | Dell ECS, versions prior to 3.8.1, contain a privilege elevation vulnerability in user management. A remote high privileged attacker could potentially exploit this vulnerability, gaining access to unauthorized end points. | 4.9 | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N |
| Proprietary Code CVE | Description | CVSS Base Score | CVSS Vector String |
|---|---|---|---|
| CVE-2024-30473 | Dell ECS, versions prior to 3.8.1, contain a privilege elevation vulnerability in user management. A remote high privileged attacker could potentially exploit this vulnerability, gaining access to unauthorized end points. | 4.9 | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N |
Betroffene Produkte und Korrektur
| Product | Affected Versions | Remediated Version | Link to Update |
|---|---|---|---|
| Dell ECS | Versions prior to 3.8.1.1 | Version 3.8.1.1 | https://www.dell.com/support/incidents-online/contactus/dynamic |
| Product | Affected Versions | Remediated Version | Link to Update |
|---|---|---|---|
| Dell ECS | Versions prior to 3.8.1.1 | Version 3.8.1.1 | https://www.dell.com/support/incidents-online/contactus/dynamic |
Dell recommends all customers have their ECS systems upgraded at the earliest opportunity by opening a “Operating Environment Upgrade” Service Request.
Revisionsverlauf
| Revision | Date | Description |
|---|---|---|
| 1.0 | 2024-07-18 | Initial Release |