Skip to main content
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.
Some article numbers may have changed. If this isn't what you're looking for, try searching all articles. Search articles

Article Number: 000204898


DSN-2022-002: Dell Response to OpenSSL CVE-2022-3602 and CVE-2022-3786 Vulnerability Disclosure

Summary: Dell assessment of the OpenSSL library vulnerabilities CVE-2022-3602 and CVE-2022-3786

Article Content


Security Article Type

Security KB

CVE Identifier

CVE-2022-3602, CVE-2022-3786

Issue Summary

OpenSSL Publication: https://www.openssl.org/news/secadv/20221101.txt
CVE Reference: CVE-2022-3602, CVE-2022-3786

Details

Dell has reviewed the OpenSSL vulnerabilities tracked in CVE-2022-3602 and CVE-2022-3786 which impacts OpenSSL versions 3.0.0 to 3.0.6. The issues tracked in CVE-2022-3602 and CVE-2022-3786 do not impact OpenSSL 1.1.1 and 1.0.2. The security of our products and network is a top priority and critical to protecting our customers.

The following Security Advisory provides remediation details for the products impacted by these vulnerabilities:

You can subscribe to be notified of our Security Alerts when new Security Advisories are posted by following the guidance in Dell KB article 113250: How to subscribe to Dell Technical Advisories (DTAs) and Dell Security Advisories (DSAs), or by following the directions in the Security Alerts section on the Security Advisories and Notices page.

Recommendations

Customers are encouraged to follow security best practices, including those recommended by OpenSSL and continue to monitor this notice for updated information as it becomes available.

Article Properties


Affected Product

Product Security Information

Last Published Date

26 Jan 2023

Version

2

Article Type

Security KB