Some article numbers may have changed. If this isn't what you're looking for, try searching all articles. Search articles

Article Number: 000198858

DSA-2022-110: Dell EMC Avamar, Dell EMC NetWorker Virtual Edition (NVE), and Dell EMC PowerProtect DP Series Appliance / Dell EMC Integrated Data Protection Appliance (IDPA) Security Update for Multiple Vulnerabilities

Summary: Dell EMC Avamar, Dell EMC NetWorker Virtual Edition (NVE), and Dell EMC PowerProtect DP Series Appliance / Dell EMC Integrated Data Protection Appliance (IDPA) remediation is available for multiple vulnerabilities that may be exploited by malicious users to compromise the affected system. ...

Article Content

Impact

Critical

Details

Third-party Component	CVEs	More Information
Multiple Third-Party Components	See Release Notes	2022R1plus Release Notes

Third-party Component	CVEs	More Information
Multiple Third-Party Components	See Release Notes	2022R1plus Release Notes

Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products and Remediation

CVEs Addressed	Product	Affected Versions	Updated Versions	Link to Update
Multiple Third-Party Components See Release Notes	Dell EMC Avamar Server Hardware Appliance Gen4S/ Gen4T	Version 19.3 and 19.4 running SUSE Linux Enterprise 12 SP5	Version 19.3 and 19.4 running SUSE Linux Enterprise 12 SP5 with the latest OS Security Rollup 2022R1plus	AvPlatformOsRollup_2022-R1plus.avp
	Dell EMC Avamar Virtual Edition	Version 19.3 and 19.4 running SUSE Linux Enterprise 12 SP5 (including Azure and AWS deployments)	Version 19.3 and 19.4 running SUSE Linux Enterprise 12 SP5 (including Azure and AWS deployments) with the latest OS Security Rollup 2022R1plus	AvPlatformOsRollup_2022-R1plus.avp
	Dell EMC Avamar NDMP Accelerator	Version 19.3 and 19.4 running SUSE Linux Enterprise 12 SP5	Version 19.3 and 19.4 running SUSE Linux Enterprise 12 SP5 with the latest OS Security Rollup 2022R1plus	AvPlatformOsRollup_2022-R1plus.avp
	Dell EMC Avamar VMware Image Proxy	Version 19.4 running SUSE Linux Enterprise 12 SP5	Version 19.4 running SUSE Linux Enterprise 12 SP5 with the latest OS Security Rollup 2022R1plus	Avamar Proxy Bundle 2022-R1plus
	Dell EMC NetWorker Virtual Edition (NVE)	Versions 19.4.x, 19.5.x, and 19.6.x running SUSE Linux Enterprise 12 SP5	Versions 19.4, 19.5, and 19.6 running SUSE Linux Enterprise 12 SP5 with the latest OS Security Rollup 2022R1plus	NvePlatformOsRollup_2022-R1plus.avp
	Dell EMC PowerProtect DP Series Appliance / Dell EMC Integrated Data Protection Appliance (IDPA)	Version 2.6.x and 2.7.x running on SUSE Linux Enterprise 12 SP5	Version 2.6.x and 2.7.x with the latest OS Security Rollup 2022R1plus	AvPlatformOsRollup_2022-R1plus.avp

CVEs Addressed	Product	Affected Versions	Updated Versions	Link to Update
Multiple Third-Party Components See Release Notes	Dell EMC Avamar Server Hardware Appliance Gen4S/ Gen4T	Version 19.3 and 19.4 running SUSE Linux Enterprise 12 SP5	Version 19.3 and 19.4 running SUSE Linux Enterprise 12 SP5 with the latest OS Security Rollup 2022R1plus	AvPlatformOsRollup_2022-R1plus.avp
	Dell EMC Avamar Virtual Edition	Version 19.3 and 19.4 running SUSE Linux Enterprise 12 SP5 (including Azure and AWS deployments)	Version 19.3 and 19.4 running SUSE Linux Enterprise 12 SP5 (including Azure and AWS deployments) with the latest OS Security Rollup 2022R1plus	AvPlatformOsRollup_2022-R1plus.avp
	Dell EMC Avamar NDMP Accelerator	Version 19.3 and 19.4 running SUSE Linux Enterprise 12 SP5	Version 19.3 and 19.4 running SUSE Linux Enterprise 12 SP5 with the latest OS Security Rollup 2022R1plus	AvPlatformOsRollup_2022-R1plus.avp
	Dell EMC Avamar VMware Image Proxy	Version 19.4 running SUSE Linux Enterprise 12 SP5	Version 19.4 running SUSE Linux Enterprise 12 SP5 with the latest OS Security Rollup 2022R1plus	Avamar Proxy Bundle 2022-R1plus
	Dell EMC NetWorker Virtual Edition (NVE)	Versions 19.4.x, 19.5.x, and 19.6.x running SUSE Linux Enterprise 12 SP5	Versions 19.4, 19.5, and 19.6 running SUSE Linux Enterprise 12 SP5 with the latest OS Security Rollup 2022R1plus	NvePlatformOsRollup_2022-R1plus.avp
	Dell EMC PowerProtect DP Series Appliance / Dell EMC Integrated Data Protection Appliance (IDPA)	Version 2.6.x and 2.7.x running on SUSE Linux Enterprise 12 SP5	Version 2.6.x and 2.7.x with the latest OS Security Rollup 2022R1plus	AvPlatformOsRollup_2022-R1plus.avp

The CVEs remedied by this security update are listed in the Release Notes. The Release Notes list not only the new CVEs remedied by this update, but all the past CVEs included in this cumulative update.

The patch applies to all Avamar products running on the SLES platforms listed above. The products include Avamar single-node servers, multi-node servers, accelerator nodes, Avamar Virtual Edition systems, and Avamar Combined Proxy.

See the following KB Articles for Security Update (Rollup) Installation instructions:

https://support.emc.com/kb/335359 for Avamar Virtual Edition.
https://support.emc.com/kb/335361 for installing the latest Avamar Platform Security Rollup on the Avamar Proxy.
https://www.dell.com/support/kbdoc/000052627 for installing the latest Security Rollup on NetWorker Virtual Edition.
https://www.dell.com/support/kbdoc/000198146 for installing the latest Security Rollup on IDPA.

To schedule platform security patch installation, or to upgrade your server, contact Dell EMC Customer Support at https://support.emc.com/.

Revision History

Revision	Date	Description
1.0	2022-Mar-15	Initial Release

Related Information

Legal Information

Article Properties

Affected Product

NetWorker Family, PowerProtect Data Protection Appliance, Integrated Data Protection Appliance Family, Integrated Data Protection Appliance Software, NetWorker, Product Security Information

Product

Avamar Server

Last Published Date

28 Apr 2022

Article Type

Dell Security Advisory

Welcome

Welcome to Dell