Zu den Hauptinhalten
Abmelden

Willkommen bei Dell

Mein Konto
  • Bestellungen schnell und einfach aufgeben
  • Bestellungen anzeigen und den Versandstatus verfolgen
  • Profitieren Sie von exklusiven Prämien und Rabatten für Mitglieder
  • Erstellen Sie eine Liste Ihrer Produkte, auf die Sie jederzeit zugreifen können.
  • Verwalten Sie mit der Unternehmensverwaltung Ihre Dell EMC Seiten, Produkte und produktspezifischen Kontakte.
Anmelden Konto erstellen Premier-Anmeldung Anmeldung beim Partnerprogramm
Kontakt

Ihr Warenkorb bei Dell.com

Artikelnummer: 000225945

DSA-2024-248: Security Update for Dell NetWorker Multiple Component Vulnerabilities.

Zusammenfassung: Dell NetWorker remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

Artikelinhalt

Auswirkungen

High

Details

Third-party Component CVEs More Information
Apache Tomcat CVE-2023-46589 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
Jackson-databind CVE-2023-35116 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies. 
SQLite CVE-2023-7104 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
libxml2 CVE-2024-25062, CVE-2023-29469, CVE-2023-28484, CVE-2023-45322 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

Dell Technologies empfiehlt allen Kunden, sowohl die CVSS-Gesamtbewertung als auch alle relevanten zeitlichen und umweltbezogenen Bewertungen zu berücksichtigen, die sich auf den potenziellen Schweregrad einer bestimmten Sicherheitsschwachstelle auswirken können.

Betroffene Produkte und Problembehebung

CVEs Addressed Product Software/Firmware
 		 Affected Versions Remediated Versions Link
CVE-2023-46589 NetWorker NetWorker Authentication Service, NetWorker Server Versions 19.10 through 19.10.0.2 Versions 19.11, 19.10.0.3 or later https://www.dell.com/support/home/product-support/product/networker/drivers
CVE-2023-46589 NetWorker NetWorker Authentication Service, NetWorker Server Versions 19.9 through 19.9.0.6 Versions 19.11, 19.10.0.3 or later https://www.dell.com/support/home/product-support/product/networker/drivers
CVE-2023-46589 NetWorker NetWorker Authentication Service, NetWorker Server Versions 19.8 through 19.8.0.4 Versions 19.11, 19.10.0.3 or later https://www.dell.com/support/home/product-support/product/networker/drivers
CVE-2023-46589 NetWorker NetWorker Authentication Service, NetWorker Server Versions prior to 19.8 Versions 19.11, 19.10.0.3 or later https://www.dell.com/support/home/product-support/product/networker/drivers
CVE-2023-35116 NetWorker NetWorker Authentication Service, NetWorker WebUI Versions 19.10 through 19.10.0.2 Versions 19.11, 19.10.0.3 or later  https://www.dell.com/support/home/product-support/product/networker/drivers
CVE-2023-35116 NetWorker NetWorker Authentication Service, NetWorker WebUI Versions 19.9 through 19.9.0.6 Versions 19.11, 19.10.0.3 or later https://www.dell.com/support/home/product-support/product/networker/drivers
CVE-2023-35116 NetWorker NetWorker Authentication Service, NetWorker WebUI Versions 19.8 through 19.8.0.4 Versions 19.11, 19.10.0.3 or later https://www.dell.com/support/home/product-support/product/networker/drivers
CVE-2023-35116 NetWorker NetWorker Authentication Service, NetWorker WebUI Versions prior to 19.8 Versions 19.11, 19.10.0.3 or later https://www.dell.com/support/home/product-support/product/networker/drivers
CVE-2023-7104, CVE-2024-25062, CVE-2023-29469, CVE-2023-28484, CVE-2023-45322 NetWorker NetWorker Server Versions 19.10 through 19.10.0.2 Versions 19.11, 19.10.0.3 or later  https://www.dell.com/support/home/product-support/product/networker/drivers
CVE-2023-7104, CVE-2024-25062, CVE-2023-29469, CVE-2023-28484, CVE-2023-45322 NetWorker NetWorker Server Versions 19.9 through 19.9.0.6 Versions 19.11, 19.10.0.3 or later https://www.dell.com/support/home/product-support/product/networker/drivers
CVE-2023-7104, CVE-2024-25062, CVE-2023-29469, CVE-2023-28484, CVE-2023-45322 NetWorker NetWorker Server Versions 19.8 through 19.8.0.4 Versions 19.11, 19.10.0.3 or later https://www.dell.com/support/home/product-support/product/networker/drivers
CVE-2023-7104, CVE-2024-25062, CVE-2023-29469, CVE-2023-28484, CVE-2023-45322 NetWorker NetWorker Server Versions prior to 19.8 Versions 19.11, 19.10.0.3 or later https://www.dell.com/support/home/product-support/product/networker/drivers
 
CVEs Addressed Product Software/Firmware
 		 Affected Versions Remediated Versions Link
CVE-2023-46589 NetWorker NetWorker Authentication Service, NetWorker Server Versions 19.10 through 19.10.0.2 Versions 19.11, 19.10.0.3 or later https://www.dell.com/support/home/product-support/product/networker/drivers
CVE-2023-46589 NetWorker NetWorker Authentication Service, NetWorker Server Versions 19.9 through 19.9.0.6 Versions 19.11, 19.10.0.3 or later https://www.dell.com/support/home/product-support/product/networker/drivers
CVE-2023-46589 NetWorker NetWorker Authentication Service, NetWorker Server Versions 19.8 through 19.8.0.4 Versions 19.11, 19.10.0.3 or later https://www.dell.com/support/home/product-support/product/networker/drivers
CVE-2023-46589 NetWorker NetWorker Authentication Service, NetWorker Server Versions prior to 19.8 Versions 19.11, 19.10.0.3 or later https://www.dell.com/support/home/product-support/product/networker/drivers
CVE-2023-35116 NetWorker NetWorker Authentication Service, NetWorker WebUI Versions 19.10 through 19.10.0.2 Versions 19.11, 19.10.0.3 or later  https://www.dell.com/support/home/product-support/product/networker/drivers
CVE-2023-35116 NetWorker NetWorker Authentication Service, NetWorker WebUI Versions 19.9 through 19.9.0.6 Versions 19.11, 19.10.0.3 or later https://www.dell.com/support/home/product-support/product/networker/drivers
CVE-2023-35116 NetWorker NetWorker Authentication Service, NetWorker WebUI Versions 19.8 through 19.8.0.4 Versions 19.11, 19.10.0.3 or later https://www.dell.com/support/home/product-support/product/networker/drivers
CVE-2023-35116 NetWorker NetWorker Authentication Service, NetWorker WebUI Versions prior to 19.8 Versions 19.11, 19.10.0.3 or later https://www.dell.com/support/home/product-support/product/networker/drivers
CVE-2023-7104, CVE-2024-25062, CVE-2023-29469, CVE-2023-28484, CVE-2023-45322 NetWorker NetWorker Server Versions 19.10 through 19.10.0.2 Versions 19.11, 19.10.0.3 or later  https://www.dell.com/support/home/product-support/product/networker/drivers
CVE-2023-7104, CVE-2024-25062, CVE-2023-29469, CVE-2023-28484, CVE-2023-45322 NetWorker NetWorker Server Versions 19.9 through 19.9.0.6 Versions 19.11, 19.10.0.3 or later https://www.dell.com/support/home/product-support/product/networker/drivers
CVE-2023-7104, CVE-2024-25062, CVE-2023-29469, CVE-2023-28484, CVE-2023-45322 NetWorker NetWorker Server Versions 19.8 through 19.8.0.4 Versions 19.11, 19.10.0.3 or later https://www.dell.com/support/home/product-support/product/networker/drivers
CVE-2023-7104, CVE-2024-25062, CVE-2023-29469, CVE-2023-28484, CVE-2023-45322 NetWorker NetWorker Server Versions prior to 19.8 Versions 19.11, 19.10.0.3 or later https://www.dell.com/support/home/product-support/product/networker/drivers
 
The Affected Products and Remediation table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.
  1. Platforms: Windows & Linux (All variants and flavors are impacted)
  2. Versions prior to 19.8 mean versions 19.7.x, 19.6.x, 19.5.x family of releases that are still under standard support. For more information on Dell End-of-Life Documents for converged infrastructure, midrange and enterprise storage, and storage networking products kindly refer to: https://www.dell.com/support/kbdoc/000185734/all-dell-emc-end-of-life-documents?lang=en
  3. Unless specified as impacted, the term “later releases” encompasses all NetWorker releases, under standard support, that are of a higher minor or major version than the specified release.
  4. The security advisory has been updated in light of the release of Version 19.11, customers have the option to upgrade to any of the versions/releases specified in the "Affected Products and Remediation" section
  5. Dell advises that you consistently upgrade to the most recent release/version of your product.

Revisionsverlauf

Revision DateDescription
1.02024-06-11 Initial Release
2.02024-06-27The security advisory has been updated in light of the release of Version 19.11

Zugehörige Informationen

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Rechtliche Hinweise

Artikeleigenschaften

Betroffenes Produkt

NetWorker Family, NetWorker, NetWorker Series, NetWorker Module, Product Security Information

Letztes Veröffentlichungsdatum

27 Juni 2024

Artikeltyp

Dell Security Advisory

Zurück zum Anfang