Auswirkungen
Medium
Details
Third-party Components |
CVEs |
More Information |
AdoptOpenJDK |
CVE-2023-22025, CVE-2023-22067, CVE-2023-22081 |
See NVD link below for individual scores for each CVE. https://nvd.nist.gov/ |
Dell Technologies empfiehlt allen Kunden, sowohl die CVSS-Gesamtbewertung als auch alle relevanten zeitlichen und umweltbezogenen Bewertungen zu berücksichtigen, die sich auf den potenziellen Schweregrad einer bestimmten Sicherheitsschwachstelle auswirken können.
Product |
Software/Firmware |
Affected Versions |
Remediated Versions |
Link |
Dell OpenManage Server Administrator (OMSA) |
AdoptOpenJDK |
Version 11.0.20 |
Version 11.0.21 or later |
Eclipse Temurin OpenJDK install packages |
Product |
Software/Firmware |
Affected Versions |
Remediated Versions |
Link |
Dell OpenManage Server Administrator (OMSA) |
AdoptOpenJDK |
Version 11.0.20 |
Version 11.0.21 or later |
Eclipse Temurin OpenJDK install packages |
The expected availability of Dell OpenManage Server Administrator version 11.1.0.0 is September 2024 and will contain the remediated version of AdoptOpenJDK. Until the release occurs, please follow the workaround and mitigation steps as described above.
Workarounds und Korrekturmaßnahmen
CVE ID |
Workaround and Mitigation |
CVE-2023-22025, CVE-2023-22067, CVE-2023-22081 |
Customers on Dell OpenManage Server Administrator versions of 11.0.1.0 and earlier, consuming AdoptOpenJDK or Oracle JDK/JRE, can directly upgrade the library to the latest version of AdoptOpenJDK to resolve the vulnerabilities. The steps to upgrade the AdoptOpenJDK library to the latest version have been provided in an existing KB article. https://www.dell.com/support/kbdoc/en-us/000223382 |
Revisionsverlauf
Revision | Date | Description |
---|
1.0 | 2024-08-27 | Initial Release |
Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide
Betroffene Produkte
OpenManage Server Administrator