Critical
Third-party Component | CVEs | More Information |
---|---|---|
H2 Database Engine | CVE-2022-45868 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
Jackson | CVE-2020-36518, CVE-2022-42004, CVE-2022-42003, CVE-2020-10650, CVE-2018-7489, CVE-2017-17485 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
Open-SSL | CVE-2020-1971, CVE-2016-2182, CVE-2016-2183, CVE-2016-2180, CVE-2023-0465, CVE-2021-23841, CVE-2016-2107, CVE-2016-6304, CVE-2017-3732, CVE-2016-6303, CVE-2022-2068, CVE-2019-1559, CVE-2018-0734, CVE-2019-1551, CVE-2016-6302, CVE-2021-3712, CVE-2016-2105, CVE-2023-0286, CVE-2016-2179, CVE-2019-1552, CVE-2016-8610, CVE-2022-4304, CVE-2016-2177, CVE-2022-1292, CVE-2019-1547, CVE-2020-1968, CVE-2016-2109, CVE-2021-4160, CVE-2016-6306, CVE-2021-23840, CVE-2019-1563, CVE-2023-0466, CVE-2017-3736, CVE-2018-0739, CVE-2016-2178, CVE-2017-3738, CVE-2017-3737, CVE-2017-3731, CVE-2016-7055, CVE-2017-3735, CVE-2023-0464, CVE-2023-0215, CVE-2016-2181, CVE-2016-2106, CVE-2018-0732, CVE-2018-5407, CVE-2022-0778, CVE-2018-0737 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
---|---|---|---|
CVE-2024-22432 | Networker 19.9 and all prior versions contains a Plain-text Password stored in temporary config file during backup duration in NMDA MySQL Database backups. User has low privilege access to Networker Client system could potentially exploit this vulnerability, leading to the disclosure of configured MySQL Database user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application Database with privileges of the compromised account. | 7.8 | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H |
Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
---|---|---|---|
CVE-2024-22432 | Networker 19.9 and all prior versions contains a Plain-text Password stored in temporary config file during backup duration in NMDA MySQL Database backups. User has low privilege access to Networker Client system could potentially exploit this vulnerability, leading to the disclosure of configured MySQL Database user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application Database with privileges of the compromised account. | 7.8 | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H |
CVEs Addressed | Product | Software/Firmware | Affected Versions | Remediated Versions | Link |
---|---|---|---|---|---|
CVE-2022-45868 | NetWorker | NMC | Versions 19.9 through 19.9.0.5 |
Versions 19.10 or later | https://www.dell.com/support/home/product-support/product/networker/drivers |
CVE-2022-45868 | NetWorker | NMC | Versions 19.8 through 19.8.0.4 |
Versions 19.10 or later | https://www.dell.com/support/home/product-support/product/networker/drivers |
CVE-2022-45868 | NetWorker | NMC | Versions 19.7 through 19.7.0.5 |
Versions 19.10 or later | https://www.dell.com/support/home/product-support/product/networker/drivers |
CVE-2022-45868 | NetWorker | NMC | Version 19.7.1 |
Versions 19.10 or later | https://www.dell.com/support/home/product-support/product/networker/drivers |
CVE-2022-45868 | NetWorker | NMC | Versions prior to 19.7 |
Versions 19.10 or later | https://www.dell.com/support/home/product-support/product/networker/drivers |
CVE-2020-36518, CVE-2022-42004, CVE-2022-42003, CVE-2020-10650, CVE-2018-7489, CVE-2017-17485 | NetWorker | NetWorker Server | Versions 19.9 through 19.9.0.3 |
Versions 19.9.0.4, 19.10 or later | https://www.dell.com/support/home/product-support/product/networker/drivers |
CVE-2020-36518, CVE-2022-42004, CVE-2022-42003, CVE-2020-10650, CVE-2018-7489, CVE-2017-17485 | NetWorker | NetWorker Server | Versions 19.8 through 19.8.0.4 |
Versions 19.9.0.4, 19.10 or later | https://www.dell.com/support/home/product-support/product/networker/drivers |
CVE-2020-36518, CVE-2022-42004, CVE-2022-42003, CVE-2020-10650, CVE-2018-7489, CVE-2017-17485 | NetWorker | NetWorker Server | Versions 19.7 through 19.7.0.5 |
Versions 19.9.0.4, 19.10 or later | https://www.dell.com/support/home/product-support/product/networker/drivers |
CVE-2020-36518, CVE-2022-42004, CVE-2022-42003, CVE-2020-10650, CVE-2018-7489, CVE-2017-17485 | NetWorker | NetWorker Server | Version 19.7.1 |
Versions 19.9.0.4, 19.10 or later | https://www.dell.com/support/home/product-support/product/networker/drivers |
CVE-2020-36518, CVE-2022-42004, CVE-2022-42003, CVE-2020-10650, CVE-2018-7489, CVE-2017-17485 | NetWorker | NetWorker Server | Versions prior to 19.7 |
Versions 19.9.0.4, 19.10 or later | https://www.dell.com/support/home/product-support/product/networker/drivers |
CVE-2024-22432 | NetWorker | NMDA- MySQL |
Versions 19.9 through 19.9.0.3 |
Versions 19.9.0.4, 19.10 or later | https://www.dell.com/support/home/product-support/product/networker/drivers |
CVE-2024-22432 | NetWorker | NMDA- MySQL |
Versions 19.8 through 19.8.0.4 |
Versions 19.9.0.4, 19.10 or later | https://www.dell.com/support/home/product-support/product/networker/drivers |
CVE-2024-22432 | NetWorker | NMDA- MySQL |
Versions 19.7 through 19.7.0.5 |
Versions 19.9.0.4, 19.10 or later | https://www.dell.com/support/home/product-support/product/networker/drivers |
CVE-2024-22432 | NetWorker | NMDA- MySQL |
Version 19.7.1 |
Versions 19.9.0.4, 19.10 or later | https://www.dell.com/support/home/product-support/product/networker/drivers |
CVE-2024-22432 | NetWorker | NMDA- MySQL |
Versions prior to 19.7 |
Versions 19.9.0.4, 19.10 or later | https://www.dell.com/support/home/product-support/product/networker/drivers |
CVE-2020-1971, CVE-2016-2182, CVE-2016-2183, CVE-2016-2180, CVE-2023-0465, CVE-2021-23841, CVE-2016-2107, CVE-2016-6304, CVE-2017-3732, CVE-2016-6303, CVE-2022-2068, CVE-2019-1559, CVE-2018-0734, CVE-2019-1551, CVE-2016-6302, CVE-2021-3712, CVE-2016-2105, CVE-2023-0286, CVE-2016-2179, CVE-2019-1552, CVE-2016-8610, CVE-2022-4304, CVE-2016-2177, CVE-2022-1292, CVE-2019-1547, CVE-2020-1968, CVE-2016-2109, CVE-2021-4160, CVE-2016-6306, CVE-2021-23840, CVE-2019-1563, CVE-2023-0466, CVE-2017-3736, CVE-2018-0739, CVE-2016-2178, CVE-2017-3738, CVE-2017-3737, CVE-2017-3731, CVE-2016-7055, CVE-2017-3735, CVE-2023-0464, CVE-2023-0215, CVE-2016-2181, CVE-2016-2106, CVE-2018-0732, CVE-2018-5407, CVE-2022-0778, CVE-2018-0737 | NetWorker | NetWorker Authentication Service. |
Versions 19.9 through 19.9.0.5 |
Versions 19.10 or later | https://www.dell.com/support/home/product-support/product/networker/drivers |
CVE-2020-1971, CVE-2016-2182, CVE-2016-2183, CVE-2016-2180, CVE-2023-0465, CVE-2021-23841, CVE-2016-2107, CVE-2016-6304, CVE-2017-3732, CVE-2016-6303, CVE-2022-2068, CVE-2019-1559, CVE-2018-0734, CVE-2019-1551, CVE-2016-6302, CVE-2021-3712, CVE-2016-2105, CVE-2023-0286, CVE-2016-2179, CVE-2019-1552, CVE-2016-8610, CVE-2022-4304, CVE-2016-2177, CVE-2022-1292, CVE-2019-1547, CVE-2020-1968, CVE-2016-2109, CVE-2021-4160, CVE-2016-6306, CVE-2021-23840, CVE-2019-1563, CVE-2023-0466, CVE-2017-3736, CVE-2018-0739, CVE-2016-2178, CVE-2017-3738, CVE-2017-3737, CVE-2017-3731, CVE-2016-7055, CVE-2017-3735, CVE-2023-0464, CVE-2023-0215, CVE-2016-2181, CVE-2016-2106, CVE-2018-0732, CVE-2018-5407, CVE-2022-0778, CVE-2018-0737 | NetWorker | NetWorker Authentication Service. |
Versions 19.8 through 19.8.0.4 |
Versions 19.10 or later | https://www.dell.com/support/home/product-support/product/networker/drivers |
CVE-2020-1971, CVE-2016-2182, CVE-2016-2183, CVE-2016-2180, CVE-2023-0465, CVE-2021-23841, CVE-2016-2107, CVE-2016-6304, CVE-2017-3732, CVE-2016-6303, CVE-2022-2068, CVE-2019-1559, CVE-2018-0734, CVE-2019-1551, CVE-2016-6302, CVE-2021-3712, CVE-2016-2105, CVE-2023-0286, CVE-2016-2179, CVE-2019-1552, CVE-2016-8610, CVE-2022-4304, CVE-2016-2177, CVE-2022-1292, CVE-2019-1547, CVE-2020-1968, CVE-2016-2109, CVE-2021-4160, CVE-2016-6306, CVE-2021-23840, CVE-2019-1563, CVE-2023-0466, CVE-2017-3736, CVE-2018-0739, CVE-2016-2178, CVE-2017-3738, CVE-2017-3737, CVE-2017-3731, CVE-2016-7055, CVE-2017-3735, CVE-2023-0464, CVE-2023-0215, CVE-2016-2181, CVE-2016-2106, CVE-2018-0732, CVE-2018-5407, CVE-2022-0778, CVE-2018-0737 | NetWorker | NetWorker Authentication Service. |
Versions 19.7 through 19.7.0.5 |
Versions 19.10 or later | https://www.dell.com/support/home/product-support/product/networker/drivers |
CVE-2020-1971, CVE-2016-2182, CVE-2016-2183, CVE-2016-2180, CVE-2023-0465, CVE-2021-23841, CVE-2016-2107, CVE-2016-6304, CVE-2017-3732, CVE-2016-6303, CVE-2022-2068, CVE-2019-1559, CVE-2018-0734, CVE-2019-1551, CVE-2016-6302, CVE-2021-3712, CVE-2016-2105, CVE-2023-0286, CVE-2016-2179, CVE-2019-1552, CVE-2016-8610, CVE-2022-4304, CVE-2016-2177, CVE-2022-1292, CVE-2019-1547, CVE-2020-1968, CVE-2016-2109, CVE-2021-4160, CVE-2016-6306, CVE-2021-23840, CVE-2019-1563, CVE-2023-0466, CVE-2017-3736, CVE-2018-0739, CVE-2016-2178, CVE-2017-3738, CVE-2017-3737, CVE-2017-3731, CVE-2016-7055, CVE-2017-3735, CVE-2023-0464, CVE-2023-0215, CVE-2016-2181, CVE-2016-2106, CVE-2018-0732, CVE-2018-5407, CVE-2022-0778, CVE-2018-0737 | NetWorker | NetWorker Authentication Service. |
Version 19.7.1 |
Versions 19.10 or later | https://www.dell.com/support/home/product-support/product/networker/drivers |
CVE-2020-1971, CVE-2016-2182, CVE-2016-2183, CVE-2016-2180, CVE-2023-0465, CVE-2021-23841, CVE-2016-2107, CVE-2016-6304, CVE-2017-3732, CVE-2016-6303, CVE-2022-2068, CVE-2019-1559, CVE-2018-0734, CVE-2019-1551, CVE-2016-6302, CVE-2021-3712, CVE-2016-2105, CVE-2023-0286, CVE-2016-2179, CVE-2019-1552, CVE-2016-8610, CVE-2022-4304, CVE-2016-2177, CVE-2022-1292, CVE-2019-1547, CVE-2020-1968, CVE-2016-2109, CVE-2021-4160, CVE-2016-6306, CVE-2021-23840, CVE-2019-1563, CVE-2023-0466, CVE-2017-3736, CVE-2018-0739, CVE-2016-2178, CVE-2017-3738, CVE-2017-3737, CVE-2017-3731, CVE-2016-7055, CVE-2017-3735, CVE-2023-0464, CVE-2023-0215, CVE-2016-2181, CVE-2016-2106, CVE-2018-0732, CVE-2018-5407, CVE-2022-0778, CVE-2018-0737 | NetWorker | NetWorker Authentication Service. |
Versions prior to 19.7 |
Versions 19.10 or later | https://www.dell.com/support/home/product-support/product/networker/drivers |
CVEs Addressed | Product | Software/Firmware | Affected Versions | Remediated Versions | Link |
---|---|---|---|---|---|
CVE-2022-45868 | NetWorker | NMC | Versions 19.9 through 19.9.0.5 |
Versions 19.10 or later | https://www.dell.com/support/home/product-support/product/networker/drivers |
CVE-2022-45868 | NetWorker | NMC | Versions 19.8 through 19.8.0.4 |
Versions 19.10 or later | https://www.dell.com/support/home/product-support/product/networker/drivers |
CVE-2022-45868 | NetWorker | NMC | Versions 19.7 through 19.7.0.5 |
Versions 19.10 or later | https://www.dell.com/support/home/product-support/product/networker/drivers |
CVE-2022-45868 | NetWorker | NMC | Version 19.7.1 |
Versions 19.10 or later | https://www.dell.com/support/home/product-support/product/networker/drivers |
CVE-2022-45868 | NetWorker | NMC | Versions prior to 19.7 |
Versions 19.10 or later | https://www.dell.com/support/home/product-support/product/networker/drivers |
CVE-2020-36518, CVE-2022-42004, CVE-2022-42003, CVE-2020-10650, CVE-2018-7489, CVE-2017-17485 | NetWorker | NetWorker Server | Versions 19.9 through 19.9.0.3 |
Versions 19.9.0.4, 19.10 or later | https://www.dell.com/support/home/product-support/product/networker/drivers |
CVE-2020-36518, CVE-2022-42004, CVE-2022-42003, CVE-2020-10650, CVE-2018-7489, CVE-2017-17485 | NetWorker | NetWorker Server | Versions 19.8 through 19.8.0.4 |
Versions 19.9.0.4, 19.10 or later | https://www.dell.com/support/home/product-support/product/networker/drivers |
CVE-2020-36518, CVE-2022-42004, CVE-2022-42003, CVE-2020-10650, CVE-2018-7489, CVE-2017-17485 | NetWorker | NetWorker Server | Versions 19.7 through 19.7.0.5 |
Versions 19.9.0.4, 19.10 or later | https://www.dell.com/support/home/product-support/product/networker/drivers |
CVE-2020-36518, CVE-2022-42004, CVE-2022-42003, CVE-2020-10650, CVE-2018-7489, CVE-2017-17485 | NetWorker | NetWorker Server | Version 19.7.1 |
Versions 19.9.0.4, 19.10 or later | https://www.dell.com/support/home/product-support/product/networker/drivers |
CVE-2020-36518, CVE-2022-42004, CVE-2022-42003, CVE-2020-10650, CVE-2018-7489, CVE-2017-17485 | NetWorker | NetWorker Server | Versions prior to 19.7 |
Versions 19.9.0.4, 19.10 or later | https://www.dell.com/support/home/product-support/product/networker/drivers |
CVE-2024-22432 | NetWorker | NMDA- MySQL |
Versions 19.9 through 19.9.0.3 |
Versions 19.9.0.4, 19.10 or later | https://www.dell.com/support/home/product-support/product/networker/drivers |
CVE-2024-22432 | NetWorker | NMDA- MySQL |
Versions 19.8 through 19.8.0.4 |
Versions 19.9.0.4, 19.10 or later | https://www.dell.com/support/home/product-support/product/networker/drivers |
CVE-2024-22432 | NetWorker | NMDA- MySQL |
Versions 19.7 through 19.7.0.5 |
Versions 19.9.0.4, 19.10 or later | https://www.dell.com/support/home/product-support/product/networker/drivers |
CVE-2024-22432 | NetWorker | NMDA- MySQL |
Version 19.7.1 |
Versions 19.9.0.4, 19.10 or later | https://www.dell.com/support/home/product-support/product/networker/drivers |
CVE-2024-22432 | NetWorker | NMDA- MySQL |
Versions prior to 19.7 |
Versions 19.9.0.4, 19.10 or later | https://www.dell.com/support/home/product-support/product/networker/drivers |
CVE-2020-1971, CVE-2016-2182, CVE-2016-2183, CVE-2016-2180, CVE-2023-0465, CVE-2021-23841, CVE-2016-2107, CVE-2016-6304, CVE-2017-3732, CVE-2016-6303, CVE-2022-2068, CVE-2019-1559, CVE-2018-0734, CVE-2019-1551, CVE-2016-6302, CVE-2021-3712, CVE-2016-2105, CVE-2023-0286, CVE-2016-2179, CVE-2019-1552, CVE-2016-8610, CVE-2022-4304, CVE-2016-2177, CVE-2022-1292, CVE-2019-1547, CVE-2020-1968, CVE-2016-2109, CVE-2021-4160, CVE-2016-6306, CVE-2021-23840, CVE-2019-1563, CVE-2023-0466, CVE-2017-3736, CVE-2018-0739, CVE-2016-2178, CVE-2017-3738, CVE-2017-3737, CVE-2017-3731, CVE-2016-7055, CVE-2017-3735, CVE-2023-0464, CVE-2023-0215, CVE-2016-2181, CVE-2016-2106, CVE-2018-0732, CVE-2018-5407, CVE-2022-0778, CVE-2018-0737 | NetWorker | NetWorker Authentication Service. |
Versions 19.9 through 19.9.0.5 |
Versions 19.10 or later | https://www.dell.com/support/home/product-support/product/networker/drivers |
CVE-2020-1971, CVE-2016-2182, CVE-2016-2183, CVE-2016-2180, CVE-2023-0465, CVE-2021-23841, CVE-2016-2107, CVE-2016-6304, CVE-2017-3732, CVE-2016-6303, CVE-2022-2068, CVE-2019-1559, CVE-2018-0734, CVE-2019-1551, CVE-2016-6302, CVE-2021-3712, CVE-2016-2105, CVE-2023-0286, CVE-2016-2179, CVE-2019-1552, CVE-2016-8610, CVE-2022-4304, CVE-2016-2177, CVE-2022-1292, CVE-2019-1547, CVE-2020-1968, CVE-2016-2109, CVE-2021-4160, CVE-2016-6306, CVE-2021-23840, CVE-2019-1563, CVE-2023-0466, CVE-2017-3736, CVE-2018-0739, CVE-2016-2178, CVE-2017-3738, CVE-2017-3737, CVE-2017-3731, CVE-2016-7055, CVE-2017-3735, CVE-2023-0464, CVE-2023-0215, CVE-2016-2181, CVE-2016-2106, CVE-2018-0732, CVE-2018-5407, CVE-2022-0778, CVE-2018-0737 | NetWorker | NetWorker Authentication Service. |
Versions 19.8 through 19.8.0.4 |
Versions 19.10 or later | https://www.dell.com/support/home/product-support/product/networker/drivers |
CVE-2020-1971, CVE-2016-2182, CVE-2016-2183, CVE-2016-2180, CVE-2023-0465, CVE-2021-23841, CVE-2016-2107, CVE-2016-6304, CVE-2017-3732, CVE-2016-6303, CVE-2022-2068, CVE-2019-1559, CVE-2018-0734, CVE-2019-1551, CVE-2016-6302, CVE-2021-3712, CVE-2016-2105, CVE-2023-0286, CVE-2016-2179, CVE-2019-1552, CVE-2016-8610, CVE-2022-4304, CVE-2016-2177, CVE-2022-1292, CVE-2019-1547, CVE-2020-1968, CVE-2016-2109, CVE-2021-4160, CVE-2016-6306, CVE-2021-23840, CVE-2019-1563, CVE-2023-0466, CVE-2017-3736, CVE-2018-0739, CVE-2016-2178, CVE-2017-3738, CVE-2017-3737, CVE-2017-3731, CVE-2016-7055, CVE-2017-3735, CVE-2023-0464, CVE-2023-0215, CVE-2016-2181, CVE-2016-2106, CVE-2018-0732, CVE-2018-5407, CVE-2022-0778, CVE-2018-0737 | NetWorker | NetWorker Authentication Service. |
Versions 19.7 through 19.7.0.5 |
Versions 19.10 or later | https://www.dell.com/support/home/product-support/product/networker/drivers |
CVE-2020-1971, CVE-2016-2182, CVE-2016-2183, CVE-2016-2180, CVE-2023-0465, CVE-2021-23841, CVE-2016-2107, CVE-2016-6304, CVE-2017-3732, CVE-2016-6303, CVE-2022-2068, CVE-2019-1559, CVE-2018-0734, CVE-2019-1551, CVE-2016-6302, CVE-2021-3712, CVE-2016-2105, CVE-2023-0286, CVE-2016-2179, CVE-2019-1552, CVE-2016-8610, CVE-2022-4304, CVE-2016-2177, CVE-2022-1292, CVE-2019-1547, CVE-2020-1968, CVE-2016-2109, CVE-2021-4160, CVE-2016-6306, CVE-2021-23840, CVE-2019-1563, CVE-2023-0466, CVE-2017-3736, CVE-2018-0739, CVE-2016-2178, CVE-2017-3738, CVE-2017-3737, CVE-2017-3731, CVE-2016-7055, CVE-2017-3735, CVE-2023-0464, CVE-2023-0215, CVE-2016-2181, CVE-2016-2106, CVE-2018-0732, CVE-2018-5407, CVE-2022-0778, CVE-2018-0737 | NetWorker | NetWorker Authentication Service. |
Version 19.7.1 |
Versions 19.10 or later | https://www.dell.com/support/home/product-support/product/networker/drivers |
CVE-2020-1971, CVE-2016-2182, CVE-2016-2183, CVE-2016-2180, CVE-2023-0465, CVE-2021-23841, CVE-2016-2107, CVE-2016-6304, CVE-2017-3732, CVE-2016-6303, CVE-2022-2068, CVE-2019-1559, CVE-2018-0734, CVE-2019-1551, CVE-2016-6302, CVE-2021-3712, CVE-2016-2105, CVE-2023-0286, CVE-2016-2179, CVE-2019-1552, CVE-2016-8610, CVE-2022-4304, CVE-2016-2177, CVE-2022-1292, CVE-2019-1547, CVE-2020-1968, CVE-2016-2109, CVE-2021-4160, CVE-2016-6306, CVE-2021-23840, CVE-2019-1563, CVE-2023-0466, CVE-2017-3736, CVE-2018-0739, CVE-2016-2178, CVE-2017-3738, CVE-2017-3737, CVE-2017-3731, CVE-2016-7055, CVE-2017-3735, CVE-2023-0464, CVE-2023-0215, CVE-2016-2181, CVE-2016-2106, CVE-2018-0732, CVE-2018-5407, CVE-2022-0778, CVE-2018-0737 | NetWorker | NetWorker Authentication Service. |
Versions prior to 19.7 |
Versions 19.10 or later | https://www.dell.com/support/home/product-support/product/networker/drivers |
Revision | Date | Description |
1.0 | 2024-01-25 | Initial Release |
2.0 | 2024-02-29 | Rectified Jackson CVEs id in "Affected Products and Remediation" section and removed CVE-2023-39417, CVE-2023-39418 from this Security Advisory as it is already fixed as a part of DSA-2023-409 |
3.0 | 2024-03-13 | Updated "Affected Versions" column under "Affected Products and Remediation" section for "H2 Database Engine and Open-SSL" Third-party components from Versions 19.9 through 19.9.0.5 |