Skip to main content
Sign Out

Welcome to Dell

My Account
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Create and access a list of your products
Sign In Create an Account Premier Sign In Partner Program Sign In
Contact Us

DSA-2023-262: Security Update for Dell PowerProtect Data Manager

Summary: Dell PowerProtect Data Manager remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Impact

Critical

Details

Operating System Components CVE Details: 
 
Third Party Component  CVEs More Information
python3-cffi=1.11.5-5.19.1 CVE-2023-23931 CVE-2023-23931 This hyperlink is taking you to a website outside of Dell Technologies.
python3-cryptography=2.8-7.40.1 CVE-2023-23931 CVE-2023-23931 This hyperlink is taking you to a website outside of Dell Technologies.
libldap-2_4-2=2.4.41-22.19.1 CVE-2023-2953 CVE-2023-2953 This hyperlink is taking you to a website outside of Dell Technologies.
supportutils=3.0.11-95.54.1 CVE-2022-45154 CVE-2022-45154 This hyperlink is taking you to a website outside of Dell Technologies.
shadow=4.2.1-36.3.1 CVE-2023-29383 CVE-2023-29383 This hyperlink is taking you to a website outside of Dell Technologies.
libxslt-tools=1.1.28-17.15.1
libxslt1=1.1.28-17.15.1		 CVE-2021-30560 CVE-2021-30560 This hyperlink is taking you to a website outside of Dell Technologies.
libavahi-client3=0.6.32-32.18.1
libavahi-common3=0.6.32-32.18.1		 CVE-2023-1981 CVE-2023-1981 This hyperlink is taking you to a website outside of Dell Technologies.
libpq5=15.3-3.9.1
postgresql14-server=14.8-3.23.1
postgresql14=14.8-3.23.1		 CVE-2023-2454, CVE-2023-2455 CVE-2023-2454, CVE-2023-2455 This hyperlink is taking you to a website outside of Dell Technologies.
ucode-intel=20230512-3.52.1 CVE-2022-33972 CVE-2022-33972 This hyperlink is taking you to a website outside of Dell Technologies.
containerd=1.6.19-16.79.1 CVE-2023-25153, CVE-2023-25173 CVE-2023-25153, CVE-2023-25173 This hyperlink is taking you to a website outside of Dell Technologies.
vim-data-common=9.0.1386-17.15.4
vim-data=9.0.1386-17.15.4
vim=9.0.1386-17.15.4		 CVE-2023-0512, CVE-2023-1127, CVE-2023-1170, CVE-2023-1175 CVE-2023-0512, CVE-2023-1127, CVE-2023-1170, CVE-2023-1175 This hyperlink is taking you to a website outside of Dell Technologies.
kernel-default=4.12.14-122.159.1 CVE-2022-43945, CVE-2023-1670, CVE-2023-1855, CVE-2023-1989, CVE-2023-1990, CVE-2023-1998, CVE-2023-2124, CVE-2023-2162, CVE-2023-2483, CVE-2023-30772 CVE-2022-43945, CVE-2023-1670, CVE-2023-1855, CVE-2023-1989, CVE-2023-1990, CVE-2023-1998, CVE-2023-2124, CVE-2023-2162, CVE-2023-2483, CVE-2023-30772 This hyperlink is taking you to a website outside of Dell Technologies.
runc=1.1.5-16.31.1 CVE-2023-25809, CVE-2023-27561, CVE-2023-28642 CVE-2023-25809, CVE-2023-27561, CVE-2023-28642 This hyperlink is taking you to a website outside of Dell Technologies.
git-core=2.26.2-27.69.1 CVE-2023-25652 CVE-2023-25652 This hyperlink is taking you to a website outside of Dell Technologies.
java-11-openjdk-headless=11.0.19.0-3.58.2 CVE-2023-21930, CVE-2023-21937, CVE-2023-21938 CVE-2023-21930, CVE-2023-21937, CVE-2023-21938 This hyperlink is taking you to a website outside of Dell Technologies.
docker=20.10.23_ce-98.89.1 CVE-2022-36109 CVE-2022-36109 This hyperlink is taking you to a website outside of Dell Technologies.
libsystemd0=228-157.52.1
libudev1=228-157.52.1
systemd-bash-completion=228-157.52.1
systemd-sysvinit=228-157.52.1
systemd=228-157.52.1
udev=228-157.52.1		 CVE-2023-26604 CVE-2023-26604 This hyperlink is taking you to a website outside of Dell Technologies.
samba-client-libs=4.15.13+git.594.449ec4a79a1-3.80.1
samba-libs-python3=4.15.13+git.594.449ec4a79a1-3.80.1
samba-libs=4.15.13+git.594.449ec4a79a1-3.80.1		 CVE-2023-0922 CVE-2023-0922 This hyperlink is taking you to a website outside of Dell Technologies.
libpython3_4m1_0=3.4.10-25.111.1
python3-base=3.4.10-25.111.1
python3=3.4.10-25.111.1		 CVE-2023-24329 CVE-2023-24329 This hyperlink is taking you to a website outside of Dell Technologies.
libncurses5=5.9-81.1
libncurses6=5.9-81.1
ncurses-utils=5.9-81.1
terminfo-base=5.9-81.1
terminfo=5.9-81.1		 CVE-2023-29491 CVE-2023-29491 This hyperlink is taking you to a website outside of Dell Technologies.
libpython3_6m1_0=3.6.15-46.1
python36-base=3.6.15-46.1
python36=3.6.15-46.1		 CVE-2007-4559 CVE-2007-4559 This hyperlink is taking you to a website outside of Dell Technologies.
emacs-info=24.3-25.12.1
emacs-nox=24.3-25.12.1
emacs=24.3-25.12.1
etags=24.3-25.12.1		 CVE-2022-48337, CVE-2022-48339 CVE-2022-48337, CVE-2022-48339 This hyperlink is taking you to a website outside of Dell Technologies.
curl=8.0.1-11.65.2
libcurl4=8.0.1-11.65.2		 CVE-2023-28319 CVE-2023-28319 This hyperlink is taking you to a website outside of Dell Technologies.
cloud-init-config-suse=20.2-37.57.1
cloud-init=20.2-37.57.1		 CVE-2023-1786 CVE-2023-1786 This hyperlink is taking you to a website outside of Dell Technologies.
sudo=1.8.27-4.38.1 CVE-2023-28486 CVE-2023-28486 This hyperlink is taking you to a website outside of Dell Technologies.
libopenssl1_0_0=1.0.2p-3.75.1
libopenssl1_1=1.1.1d-2.84.1
openssl-1_0_0=1.0.2p-3.75.1		 CVE-2023-2650 CVE-2023-2650 This hyperlink is taking you to a website outside of Dell Technologies.
libharfbuzz0=1.4.5-8.3.1 CVE-2023-25193 CVE-2023-25193 This hyperlink is taking you to a website outside of Dell Technologies.
glib2-lang=2.48.2-12.34.1
glib2-tools=2.48.2-12.34.1
libgio-2_0-0=2.48.2-12.34.1
libglib-2_0-0=2.48.2-12.34.1
libgmodule-2_0-0=2.48.2-12.34.1
libgobject-2_0-0=2.48.2-12.34.1		 CVE-2023-24593 CVE-2023-24593 This hyperlink is taking you to a website outside of Dell Technologies.
libxml2-2=2.9.4-46.62.1
libxml2-tools=2.9.4-46.62.1		 CVE-2023-29469 CVE-2023-29469 This hyperlink is taking you to a website outside of Dell Technologies.
dmidecode=3.0-10.6.1 CVE-2023-30630 CVE-2023-30630 This hyperlink is taking you to a website outside of Dell Technologies.
ntp=4.2.8p15-100.1 CVE-2023-26551 CVE-2023-26551 This hyperlink is taking you to a website outside of Dell Technologies.
cups-libs=1.7.5-20.39.1 CVE-2023-32324 CVE-2023-32324 This hyperlink is taking you to a website outside of Dell Technologies.

PPDM Core 
Third Party Component   CVEs More Information
openapi-generator 6.2.1 CVE-2023-27162 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
Apache JAMES mime4j 0.7.2 CVE-2022-45787 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
SnakeYAML1.33 CVE-2022-1471 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
Spring Vault Core 2.3.2 CVE-2023-20859 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
 spring-security-oauth2-client 5.7.3 CVE-2022-31690 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
Elastic search 7.17.8 CVE-2022-38777 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
Xerial SQLite JDBC3.36.0.3 CVE-2023-32697 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.

 
PPDM Kubernetes cProxy:
Third Party Component   CVEs More Information
powerprotect-k8s-controller CVE-2023-29405, CVE-2023-29404, CVE-2023-29402, CVE-2023-24540, CVE-2023-24538, CVE-2023-29403, CVE-2023-26604, CVE-2023-24537, CVE-2023-24536, CVE-2023-24534, CVE-2022-41725, CVE-2022-41724, CVE-2022-41723, CVE-2022-41716, CVE-2022-41715, CVE-2022-2880, CVE-2022-2879, CVE-2023-29400, CVE-2023-24539, CVE-2022-41723, CVE-2022-27664, CVE-2023-28322, CVE-2023-29491, CVE-2023-2650, CVE-2022-27774, CVE-2023-2953, CVE-2023-29469, CVE-2023-28484, CVE-2023-28319, CVE-2023-0465, CVE-2023-27538, CVE-2023-27536, CVE-2023-27535, CVE-2023-29383, CVE-2023-24532, CVE-2023-0464, CVE-2022-41717, CVE-2023-27534, CVE-2023-27533, CVE-2023-28321, CVE-2023-28320, CVE-2023-0466 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
powerprotect-cproxy CVE-2023-29405 , CVE-2023-29404, CVE-2023-29402, CVE-2023-24540, CVE-2023-24538, CVE-2023-29403, CVE-2023-26604, CVE-2023-24537, CVE-2023-24536, CVE-2023-24534, CVE-2023-29400, CVE-2023-24539, CVE-2022-27191, CVE-2023-28322, CVE-2023-29491, CVE-2023-2650, CVE-2022-27774, CVE-2023-2953, CVE-2023-29469, CVE-2023-28484, CVE-2023-28319, CVE-2023-0465, CVE-2023-27538, CVE-2023-27536, CVE-2023-27535, CVE-2023-29383, CVE-2023-24532, CVE-2023-0464, CVE-2023-27534, CVE-2023-27533, CVE-2023-28321, CVE-2023-28320, CVE-2023-0466  See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
powerprotect-velero-dd CVE-2023-29405, CVE-2023-29404CVE-2023-29402, CVE-2023-24540CVE-2023-24538, CVE-2023-29403CVE-2023-26604, CVE-2023-24537CVE-2023-24536, CVE-2023-24534CVE-2023-29400, CVE-2023-24539CVE-2022-41723, CVE-2022-27664CVE-2023-28322, CVE-2023-29491, CVE-2023-2650, CVE-2022-27774CVE-2023-2953, CVE-2023-29469CVE-2023-28484, CVE-2023-28319CVE-2023-0465, CVE-2023-27538CVE-2023-27536, CVE-2023-27535CVE-2023-29383, CVE-2023-24532CVE-2023-0464, CVE-2023-27534CVE-2023-27533, CVE-2023-28321CVE-2022-41717, CVE-2023-28320CVE-2023-0466 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.

PPDM-UI:
Third Party Component   CVEs More Information
Webpack v5.74.0 CVE-2023-28154 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
engine.io v6.2.1  CVE-2023-31125 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.

PPDM Cloud Disaster Recovery
Third Party Component   CVEs More Information
Jettison - Json Stax implementation1.5.2 CVE-2023-1436 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
SnakeYaml 1.33 CVE-2022-1471 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
json-smart2.4.8 CVE-2023-1370 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
SpringFramework 5.3.25 CVE-2023-20860, CVE-2023-20861, CVE-2023-20863 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.

PPDM Native Reporting
Third Party Component   CVEs More Information
Apache Commons Compress 1.9 CVE-2018-11771, CVE-2021-35515, CVE-2021-35516, CVE-2021-35517, CVE-2021-36090 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
jackson-databind 2.13.2.2 CVE-2022-42003, CVE-2022-42004 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
RESTEasy 3.0.11.Final CVE-2016-6346 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.

Cloud Snapshot Manager 
Third Party Component   CVEs More Information
gopkg.in/golang/text.v0#v0.3.6 CVE-2022-32149, CVE-2021-38561 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
github: golang/text:v0.3.5 CVE-2021-38561, CVE-2021-38561 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.

PPDM Agents
Third Party Component   CVEs More Information
libxml2 2.9.14 CVE-2022-40304, CVE-2022-40303, CVE-2023-29469, CVE-2023-28484 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
Apache Commons Net 3.8.0 CVE-2021-37533 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
Apache Xerces2 J2.7.1 CVE-2012-0881, CVE-2013-4002, CVE-2022-23437, CVE-2009-2625 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
GStreamer 0.10.35 CVE-2016-9634, CVE-2016-9636, CVE-2016-9635, CVE-2019-9928, CVE-2022-1920, CVE-2022-1923, CVE-2022-1924, CVE-2022-2122, CVE-2022-1921, CVE-2022-1922, CVE-2021-3497, CVE-2016-9447, CVE-2016-9809, CVE-2022-1925, CVE-2017-5848, CVE-2017-5840, CVE-2016-10199, CVE-2016-9446, CVE-2017-5839, CVE-2017-5838, CVE-2016-9812, CVE-2017-5841, CVE-2017-5843, CVE-2017-5847, CVE-2016-9808, CVE-2017-5845, CVE-2015-0797, CVE-2016-10198, CVE-2021-3522, CVE-2017-5844, CVE-2016-9807, CVE-2017-5837, CVE-2017-5846, CVE-2016-9810, CVE-2016-9813, CVE-2017-5842, CVE-2016-9811 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
Java Platform Standard Edition (JRE) (J2RE)
8u51		 CVE-2015-4881, CVE-2015-4860, CVE-2015-4844, CVE-2015-4883, CVE-2015-4805, CVE-2015-4843, CVE-2015-4835, CVE-2015-4868, CVE-2015-4806, CVE-2015-4803, CVE-2015-4903, CVE-2015-4734, CVE-2015-4882, CVE-2015-4893, CVE-2015-4872, CVE-2015-4911, CVE-2015-4840, CVE-2015-4842 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
libjpeg 7 CVE-2020-14152 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
libpng 1.6.16 CVE-2017-12652, CVE-2016-3751, CVE-2015-8126, CVE-2016-10087, CVE-2015-8472, CVE-2019-7317 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
PCRE 8.00 CVE-2015-8389, CVE-2015-8386, CVE-2015-8390, CVE-2015-8394, CVE-2015-8391, CVE-2016-3191, CVE-2015-8383, CVE-2015-5073, CVE-2015-2325, CVE-2015-8393, CVE-2019-20838, CVE-2015-8381, CVE-2017-6004, CVE-2015-8380, CVE-2015-8395, CVE-2015-8392, CVE-2015-2327, CVE-2015-2328, CVE-2015-8388, CVE-2015-8384, CVE-2015-8385, CVE-2015-8387, CVE-2015-2326, CVE-2020-14155, CVE-2014-8964 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
SQLite 3.7.16.2 CVE-2015-5895, CVE-2019-8457, CVE-2020-11656, CVE-2019-19646, CVE-2017-10989, CVE-2018-20346, CVE-2018-20506, CVE-2015-3414, CVE-2015-3416, CVE-2018-20505, CVE-2022-35737, CVE-2018-8740, CVE-2020-11655, CVE-2015-3415, CVE-2015-3717, CVE-2020-13630, CVE-2015-6607, CVE-2020-13435, CVE-2019-19645, CVE-2020-15358, CVE-2020-13631, CVE-2020-13434, CVE-2020-13632, CVE-2016-6153 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
zlib 1.2.8 CVE-2016-9841, CVE-2022-37434, CVE-2016-9843, CVE-2016-9842, CVE-2016-9840, CVE-2018-25032 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
curl 7.87.0 CVE-2023-23914, CVE-2023-27534, CVE-2023-27533, CVE-2023-27535, CVE-2023-28319, CVE-2023-23915, CVE-2023-23916, CVE-2023-27536, CVE-2023-28320, CVE-2023-28321, CVE-2023-27538, CVE-2023-28322 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
libxml2 2.10.3 CVE-2023-28484, CVE-2023-29469 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
Operating System Components CVE Details: 
 
Third Party Component  CVEs More Information
python3-cffi=1.11.5-5.19.1 CVE-2023-23931 CVE-2023-23931 This hyperlink is taking you to a website outside of Dell Technologies.
python3-cryptography=2.8-7.40.1 CVE-2023-23931 CVE-2023-23931 This hyperlink is taking you to a website outside of Dell Technologies.
libldap-2_4-2=2.4.41-22.19.1 CVE-2023-2953 CVE-2023-2953 This hyperlink is taking you to a website outside of Dell Technologies.
supportutils=3.0.11-95.54.1 CVE-2022-45154 CVE-2022-45154 This hyperlink is taking you to a website outside of Dell Technologies.
shadow=4.2.1-36.3.1 CVE-2023-29383 CVE-2023-29383 This hyperlink is taking you to a website outside of Dell Technologies.
libxslt-tools=1.1.28-17.15.1
libxslt1=1.1.28-17.15.1		 CVE-2021-30560 CVE-2021-30560 This hyperlink is taking you to a website outside of Dell Technologies.
libavahi-client3=0.6.32-32.18.1
libavahi-common3=0.6.32-32.18.1		 CVE-2023-1981 CVE-2023-1981 This hyperlink is taking you to a website outside of Dell Technologies.
libpq5=15.3-3.9.1
postgresql14-server=14.8-3.23.1
postgresql14=14.8-3.23.1		 CVE-2023-2454, CVE-2023-2455 CVE-2023-2454, CVE-2023-2455 This hyperlink is taking you to a website outside of Dell Technologies.
ucode-intel=20230512-3.52.1 CVE-2022-33972 CVE-2022-33972 This hyperlink is taking you to a website outside of Dell Technologies.
containerd=1.6.19-16.79.1 CVE-2023-25153, CVE-2023-25173 CVE-2023-25153, CVE-2023-25173 This hyperlink is taking you to a website outside of Dell Technologies.
vim-data-common=9.0.1386-17.15.4
vim-data=9.0.1386-17.15.4
vim=9.0.1386-17.15.4		 CVE-2023-0512, CVE-2023-1127, CVE-2023-1170, CVE-2023-1175 CVE-2023-0512, CVE-2023-1127, CVE-2023-1170, CVE-2023-1175 This hyperlink is taking you to a website outside of Dell Technologies.
kernel-default=4.12.14-122.159.1 CVE-2022-43945, CVE-2023-1670, CVE-2023-1855, CVE-2023-1989, CVE-2023-1990, CVE-2023-1998, CVE-2023-2124, CVE-2023-2162, CVE-2023-2483, CVE-2023-30772 CVE-2022-43945, CVE-2023-1670, CVE-2023-1855, CVE-2023-1989, CVE-2023-1990, CVE-2023-1998, CVE-2023-2124, CVE-2023-2162, CVE-2023-2483, CVE-2023-30772 This hyperlink is taking you to a website outside of Dell Technologies.
runc=1.1.5-16.31.1 CVE-2023-25809, CVE-2023-27561, CVE-2023-28642 CVE-2023-25809, CVE-2023-27561, CVE-2023-28642 This hyperlink is taking you to a website outside of Dell Technologies.
git-core=2.26.2-27.69.1 CVE-2023-25652 CVE-2023-25652 This hyperlink is taking you to a website outside of Dell Technologies.
java-11-openjdk-headless=11.0.19.0-3.58.2 CVE-2023-21930, CVE-2023-21937, CVE-2023-21938 CVE-2023-21930, CVE-2023-21937, CVE-2023-21938 This hyperlink is taking you to a website outside of Dell Technologies.
docker=20.10.23_ce-98.89.1 CVE-2022-36109 CVE-2022-36109 This hyperlink is taking you to a website outside of Dell Technologies.
libsystemd0=228-157.52.1
libudev1=228-157.52.1
systemd-bash-completion=228-157.52.1
systemd-sysvinit=228-157.52.1
systemd=228-157.52.1
udev=228-157.52.1		 CVE-2023-26604 CVE-2023-26604 This hyperlink is taking you to a website outside of Dell Technologies.
samba-client-libs=4.15.13+git.594.449ec4a79a1-3.80.1
samba-libs-python3=4.15.13+git.594.449ec4a79a1-3.80.1
samba-libs=4.15.13+git.594.449ec4a79a1-3.80.1		 CVE-2023-0922 CVE-2023-0922 This hyperlink is taking you to a website outside of Dell Technologies.
libpython3_4m1_0=3.4.10-25.111.1
python3-base=3.4.10-25.111.1
python3=3.4.10-25.111.1		 CVE-2023-24329 CVE-2023-24329 This hyperlink is taking you to a website outside of Dell Technologies.
libncurses5=5.9-81.1
libncurses6=5.9-81.1
ncurses-utils=5.9-81.1
terminfo-base=5.9-81.1
terminfo=5.9-81.1		 CVE-2023-29491 CVE-2023-29491 This hyperlink is taking you to a website outside of Dell Technologies.
libpython3_6m1_0=3.6.15-46.1
python36-base=3.6.15-46.1
python36=3.6.15-46.1		 CVE-2007-4559 CVE-2007-4559 This hyperlink is taking you to a website outside of Dell Technologies.
emacs-info=24.3-25.12.1
emacs-nox=24.3-25.12.1
emacs=24.3-25.12.1
etags=24.3-25.12.1		 CVE-2022-48337, CVE-2022-48339 CVE-2022-48337, CVE-2022-48339 This hyperlink is taking you to a website outside of Dell Technologies.
curl=8.0.1-11.65.2
libcurl4=8.0.1-11.65.2		 CVE-2023-28319 CVE-2023-28319 This hyperlink is taking you to a website outside of Dell Technologies.
cloud-init-config-suse=20.2-37.57.1
cloud-init=20.2-37.57.1		 CVE-2023-1786 CVE-2023-1786 This hyperlink is taking you to a website outside of Dell Technologies.
sudo=1.8.27-4.38.1 CVE-2023-28486 CVE-2023-28486 This hyperlink is taking you to a website outside of Dell Technologies.
libopenssl1_0_0=1.0.2p-3.75.1
libopenssl1_1=1.1.1d-2.84.1
openssl-1_0_0=1.0.2p-3.75.1		 CVE-2023-2650 CVE-2023-2650 This hyperlink is taking you to a website outside of Dell Technologies.
libharfbuzz0=1.4.5-8.3.1 CVE-2023-25193 CVE-2023-25193 This hyperlink is taking you to a website outside of Dell Technologies.
glib2-lang=2.48.2-12.34.1
glib2-tools=2.48.2-12.34.1
libgio-2_0-0=2.48.2-12.34.1
libglib-2_0-0=2.48.2-12.34.1
libgmodule-2_0-0=2.48.2-12.34.1
libgobject-2_0-0=2.48.2-12.34.1		 CVE-2023-24593 CVE-2023-24593 This hyperlink is taking you to a website outside of Dell Technologies.
libxml2-2=2.9.4-46.62.1
libxml2-tools=2.9.4-46.62.1		 CVE-2023-29469 CVE-2023-29469 This hyperlink is taking you to a website outside of Dell Technologies.
dmidecode=3.0-10.6.1 CVE-2023-30630 CVE-2023-30630 This hyperlink is taking you to a website outside of Dell Technologies.
ntp=4.2.8p15-100.1 CVE-2023-26551 CVE-2023-26551 This hyperlink is taking you to a website outside of Dell Technologies.
cups-libs=1.7.5-20.39.1 CVE-2023-32324 CVE-2023-32324 This hyperlink is taking you to a website outside of Dell Technologies.

PPDM Core 
Third Party Component   CVEs More Information
openapi-generator 6.2.1 CVE-2023-27162 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
Apache JAMES mime4j 0.7.2 CVE-2022-45787 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
SnakeYAML1.33 CVE-2022-1471 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
Spring Vault Core 2.3.2 CVE-2023-20859 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
 spring-security-oauth2-client 5.7.3 CVE-2022-31690 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
Elastic search 7.17.8 CVE-2022-38777 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
Xerial SQLite JDBC3.36.0.3 CVE-2023-32697 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.

 
PPDM Kubernetes cProxy:
Third Party Component   CVEs More Information
powerprotect-k8s-controller CVE-2023-29405, CVE-2023-29404, CVE-2023-29402, CVE-2023-24540, CVE-2023-24538, CVE-2023-29403, CVE-2023-26604, CVE-2023-24537, CVE-2023-24536, CVE-2023-24534, CVE-2022-41725, CVE-2022-41724, CVE-2022-41723, CVE-2022-41716, CVE-2022-41715, CVE-2022-2880, CVE-2022-2879, CVE-2023-29400, CVE-2023-24539, CVE-2022-41723, CVE-2022-27664, CVE-2023-28322, CVE-2023-29491, CVE-2023-2650, CVE-2022-27774, CVE-2023-2953, CVE-2023-29469, CVE-2023-28484, CVE-2023-28319, CVE-2023-0465, CVE-2023-27538, CVE-2023-27536, CVE-2023-27535, CVE-2023-29383, CVE-2023-24532, CVE-2023-0464, CVE-2022-41717, CVE-2023-27534, CVE-2023-27533, CVE-2023-28321, CVE-2023-28320, CVE-2023-0466 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
powerprotect-cproxy CVE-2023-29405 , CVE-2023-29404, CVE-2023-29402, CVE-2023-24540, CVE-2023-24538, CVE-2023-29403, CVE-2023-26604, CVE-2023-24537, CVE-2023-24536, CVE-2023-24534, CVE-2023-29400, CVE-2023-24539, CVE-2022-27191, CVE-2023-28322, CVE-2023-29491, CVE-2023-2650, CVE-2022-27774, CVE-2023-2953, CVE-2023-29469, CVE-2023-28484, CVE-2023-28319, CVE-2023-0465, CVE-2023-27538, CVE-2023-27536, CVE-2023-27535, CVE-2023-29383, CVE-2023-24532, CVE-2023-0464, CVE-2023-27534, CVE-2023-27533, CVE-2023-28321, CVE-2023-28320, CVE-2023-0466  See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
powerprotect-velero-dd CVE-2023-29405, CVE-2023-29404CVE-2023-29402, CVE-2023-24540CVE-2023-24538, CVE-2023-29403CVE-2023-26604, CVE-2023-24537CVE-2023-24536, CVE-2023-24534CVE-2023-29400, CVE-2023-24539CVE-2022-41723, CVE-2022-27664CVE-2023-28322, CVE-2023-29491, CVE-2023-2650, CVE-2022-27774CVE-2023-2953, CVE-2023-29469CVE-2023-28484, CVE-2023-28319CVE-2023-0465, CVE-2023-27538CVE-2023-27536, CVE-2023-27535CVE-2023-29383, CVE-2023-24532CVE-2023-0464, CVE-2023-27534CVE-2023-27533, CVE-2023-28321CVE-2022-41717, CVE-2023-28320CVE-2023-0466 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.

PPDM-UI:
Third Party Component   CVEs More Information
Webpack v5.74.0 CVE-2023-28154 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
engine.io v6.2.1  CVE-2023-31125 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.

PPDM Cloud Disaster Recovery
Third Party Component   CVEs More Information
Jettison - Json Stax implementation1.5.2 CVE-2023-1436 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
SnakeYaml 1.33 CVE-2022-1471 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
json-smart2.4.8 CVE-2023-1370 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
SpringFramework 5.3.25 CVE-2023-20860, CVE-2023-20861, CVE-2023-20863 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.

PPDM Native Reporting
Third Party Component   CVEs More Information
Apache Commons Compress 1.9 CVE-2018-11771, CVE-2021-35515, CVE-2021-35516, CVE-2021-35517, CVE-2021-36090 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
jackson-databind 2.13.2.2 CVE-2022-42003, CVE-2022-42004 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
RESTEasy 3.0.11.Final CVE-2016-6346 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.

Cloud Snapshot Manager 
Third Party Component   CVEs More Information
gopkg.in/golang/text.v0#v0.3.6 CVE-2022-32149, CVE-2021-38561 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
github: golang/text:v0.3.5 CVE-2021-38561, CVE-2021-38561 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.

PPDM Agents
Third Party Component   CVEs More Information
libxml2 2.9.14 CVE-2022-40304, CVE-2022-40303, CVE-2023-29469, CVE-2023-28484 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
Apache Commons Net 3.8.0 CVE-2021-37533 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
Apache Xerces2 J2.7.1 CVE-2012-0881, CVE-2013-4002, CVE-2022-23437, CVE-2009-2625 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
GStreamer 0.10.35 CVE-2016-9634, CVE-2016-9636, CVE-2016-9635, CVE-2019-9928, CVE-2022-1920, CVE-2022-1923, CVE-2022-1924, CVE-2022-2122, CVE-2022-1921, CVE-2022-1922, CVE-2021-3497, CVE-2016-9447, CVE-2016-9809, CVE-2022-1925, CVE-2017-5848, CVE-2017-5840, CVE-2016-10199, CVE-2016-9446, CVE-2017-5839, CVE-2017-5838, CVE-2016-9812, CVE-2017-5841, CVE-2017-5843, CVE-2017-5847, CVE-2016-9808, CVE-2017-5845, CVE-2015-0797, CVE-2016-10198, CVE-2021-3522, CVE-2017-5844, CVE-2016-9807, CVE-2017-5837, CVE-2017-5846, CVE-2016-9810, CVE-2016-9813, CVE-2017-5842, CVE-2016-9811 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
Java Platform Standard Edition (JRE) (J2RE)
8u51		 CVE-2015-4881, CVE-2015-4860, CVE-2015-4844, CVE-2015-4883, CVE-2015-4805, CVE-2015-4843, CVE-2015-4835, CVE-2015-4868, CVE-2015-4806, CVE-2015-4803, CVE-2015-4903, CVE-2015-4734, CVE-2015-4882, CVE-2015-4893, CVE-2015-4872, CVE-2015-4911, CVE-2015-4840, CVE-2015-4842 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
libjpeg 7 CVE-2020-14152 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
libpng 1.6.16 CVE-2017-12652, CVE-2016-3751, CVE-2015-8126, CVE-2016-10087, CVE-2015-8472, CVE-2019-7317 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
PCRE 8.00 CVE-2015-8389, CVE-2015-8386, CVE-2015-8390, CVE-2015-8394, CVE-2015-8391, CVE-2016-3191, CVE-2015-8383, CVE-2015-5073, CVE-2015-2325, CVE-2015-8393, CVE-2019-20838, CVE-2015-8381, CVE-2017-6004, CVE-2015-8380, CVE-2015-8395, CVE-2015-8392, CVE-2015-2327, CVE-2015-2328, CVE-2015-8388, CVE-2015-8384, CVE-2015-8385, CVE-2015-8387, CVE-2015-2326, CVE-2020-14155, CVE-2014-8964 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
SQLite 3.7.16.2 CVE-2015-5895, CVE-2019-8457, CVE-2020-11656, CVE-2019-19646, CVE-2017-10989, CVE-2018-20346, CVE-2018-20506, CVE-2015-3414, CVE-2015-3416, CVE-2018-20505, CVE-2022-35737, CVE-2018-8740, CVE-2020-11655, CVE-2015-3415, CVE-2015-3717, CVE-2020-13630, CVE-2015-6607, CVE-2020-13435, CVE-2019-19645, CVE-2020-15358, CVE-2020-13631, CVE-2020-13434, CVE-2020-13632, CVE-2016-6153 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
zlib 1.2.8 CVE-2016-9841, CVE-2022-37434, CVE-2016-9843, CVE-2016-9842, CVE-2016-9840, CVE-2018-25032 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
curl 7.87.0 CVE-2023-23914, CVE-2023-27534, CVE-2023-27533, CVE-2023-27535, CVE-2023-28319, CVE-2023-23915, CVE-2023-23916, CVE-2023-27536, CVE-2023-28320, CVE-2023-28321, CVE-2023-27538, CVE-2023-28322 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
libxml2 2.10.3 CVE-2023-28484, CVE-2023-29469 See NVD link for individual scores for each CVE http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products & Remediation

Product Affected Versions Remediated Versions Link to Update  
Dell PowerProtect Data Manager 19.13 and prior 19.14 and later
PPDM 19.14 drivers and downloads		  
 
 
Product Affected Versions Remediated Versions Link to Update  
Dell PowerProtect Data Manager 19.13 and prior 19.14 and later
PPDM 19.14 drivers and downloads		  
 
 
Note: The table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.

Revision History

RevisionDateDescription
1.02023-07-19Initial Release

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Legal Disclaimer

Affected Products

PowerProtect Data Manager Software
Article Properties
Article Number: 000215920
Article Type: Dell Security Advisory
Last Modified: 19 Jul 2023
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.