High
Multiple components within Dell NetWorker require a security update to address various vulnerabilities. Dell NetWorker Management Console and vProxy components are affected.
Affected products:
Dell NetWorker versions before 19.4
| Third-party Component |
CVEs | More information |
| postgreSQL | CVE-2020-13692 | See NVD (http://nvd.nist.gov/) for individual scores for each CVE. PostgreSQL JDBC Driver (aka PgJDBC) before 42.2.13 allows XXE. Dell NetWorker Management Console component is affected by this CVE. |
| jquery | CVE-2020-11022 | See NVD (http://nvd.nist.gov/) for individual scores for each CVE. NetWorker vCenter plug-in component and FLR web UI are affected by this CVE. |
| Third-party Component |
CVEs | More information |
| postgreSQL | CVE-2020-13692 | See NVD (http://nvd.nist.gov/) for individual scores for each CVE. PostgreSQL JDBC Driver (aka PgJDBC) before 42.2.13 allows XXE. Dell NetWorker Management Console component is affected by this CVE. |
| jquery | CVE-2020-11022 | See NVD (http://nvd.nist.gov/) for individual scores for each CVE. NetWorker vCenter plug-in component and FLR web UI are affected by this CVE. |
| CVEs Addressed | Product | Affected Versions | Updated Versions | Link to Update |
| CVE-2020-13692 | Dell NetWorker Management Console | 19.2.1.0 – 19.2.1.3, 19.3.0 – 19.3.03, and earlier versions. |
19.2.1.4, 19.3.04, and 19.4 |
https://www.dell.com/support/home/en-us/product-support/product/networker/drivers CVE-2020-13692 does not affect NetWorker Servers, Storage Nodes, or Clients if Dell NetWorker Management Console is not installed. |
| CVE-2020-11022 | Dell NetWorker vProxy | 19.2.1.0 – 19.2.1.3, 19.3.0 – 19.3.03, and earlier versions. |
19.2.1.4, 19.3.04, and 19.4 |
https://www.dell.com/support/home/en-us/product-support/product/networker/drivers CVE-2020-11022 does not affect NetWorker Servers, Storage Nodes, or Clients if Dell NetWorker vProxy is not installed. |
| CVEs Addressed | Product | Affected Versions | Updated Versions | Link to Update |
| CVE-2020-13692 | Dell NetWorker Management Console | 19.2.1.0 – 19.2.1.3, 19.3.0 – 19.3.03, and earlier versions. |
19.2.1.4, 19.3.04, and 19.4 |
https://www.dell.com/support/home/en-us/product-support/product/networker/drivers CVE-2020-13692 does not affect NetWorker Servers, Storage Nodes, or Clients if Dell NetWorker Management Console is not installed. |
| CVE-2020-11022 | Dell NetWorker vProxy | 19.2.1.0 – 19.2.1.3, 19.3.0 – 19.3.03, and earlier versions. |
19.2.1.4, 19.3.04, and 19.4 |
https://www.dell.com/support/home/en-us/product-support/product/networker/drivers CVE-2020-11022 does not affect NetWorker Servers, Storage Nodes, or Clients if Dell NetWorker vProxy is not installed. |
|
Revision |
Date |
Description |
|
1.0 |
2020-12-12 |
Initial Release |
| 1.1 | 2021-08-04 | Minor Update |