Artikelnummer: 000223914
DSA-2024-166: Security Update for Dell NetWorker curl vulnerabilities
Samenvatting: Dell NetWorker remediation is available for curl vulnerabilities that could be exploited by malicious users to compromise the affected system.
Article content
Impact
Critical
Gegevens
| Third-party Component | CVEs | More Information |
|---|---|---|
| Curl | CVE-2023-38545, CVE-2023-38546 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/  |
Getroffen producten en herstel
| CVEs Addressed | Product | Software/Firmware | Affected Versions | Remediated Versions | Link |
|---|---|---|---|---|---|
| CVE-2023-38545, CVE-2023-38546 | Dell NetWorker | NetWorker Server | Version 19.10 | Version 19.10.0.2 or later | https://www.dell.com/support/home/product-support/product/networker/drivers |
| CVE-2023-38545, CVE-2023-38546 |
Dell NetWorker | NetWorker Server | Versions 19.9 through 19.9.0.6 | Version 19.9.0.7 or later | https://www.dell.com/support/home/product-support/product/networker/drivers |
| CVE-2023-38545, CVE-2023-38546 |
Dell NetWorker | NetWorker Server | Versions 19.8 through 19.8.0. 4 | Version 19.10.0.2 or later | https://www.dell.com/support/home/product-support/product/networker/drivers |
| CVE-2023-38545, CVE-2023-38546 |
Dell NetWorker | NetWorker Server | Versions prior to 19.8 | Version 19.10.0.2 or later | https://www.dell.com/support/home/product-support/product/networker/drivers |
| CVEs Addressed | Product | Software/Firmware | Affected Versions | Remediated Versions | Link |
|---|---|---|---|---|---|
| CVE-2023-38545, CVE-2023-38546 | Dell NetWorker | NetWorker Server | Version 19.10 | Version 19.10.0.2 or later | https://www.dell.com/support/home/product-support/product/networker/drivers |
| CVE-2023-38545, CVE-2023-38546 |
Dell NetWorker | NetWorker Server | Versions 19.9 through 19.9.0.6 | Version 19.9.0.7 or later | https://www.dell.com/support/home/product-support/product/networker/drivers |
| CVE-2023-38545, CVE-2023-38546 |
Dell NetWorker | NetWorker Server | Versions 19.8 through 19.8.0. 4 | Version 19.10.0.2 or later | https://www.dell.com/support/home/product-support/product/networker/drivers |
| CVE-2023-38545, CVE-2023-38546 |
Dell NetWorker | NetWorker Server | Versions prior to 19.8 | Version 19.10.0.2 or later | https://www.dell.com/support/home/product-support/product/networker/drivers |
The Affected Products and Remediation table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.
- Platforms: Windows & Linux (All variants and flavors are impacted)
- Versions prior to 19.8 means versions 19.7.x, 19.6.x, 19.5.x, 19.4.x family of releases that are still under standard support. For more information on Dell End-of-Life Documents for converged infrastructure, midrange and enterprise storage, and storage networking products kindly refer to: https://www.dell.com/support/kbdoc/000185734/all-dell-emc-end-of-life-documents?lang=en
- Unless specified as impacted, the term “or Later” encompasses all NetWorker releases, under standard support, that are of a higher minor or major version than the specified release.
- Dell advises that you consistently upgrade to the most recent release/version of your product.
- The security advisory has been updated in light of the release of Version 19.9.0.7 as a Remediation for Version 19.9 branches.
Revisiegeschiedenis
| Revision | Date | Description |
| 1.0 | 2024-04-08 | Initial Release |
| 2.0 | 2024-07-02 | The security advisory has been updated in light of the release of Version 19.9.0.7 |
Verwante informatie
Juridische informatie
Artikeleigenschappen
Getroffen product
NetWorker Family, NetWorker, NetWorker Series, NetWorker Module, Product Security Information
Datum laatst gepubliceerd
02 jul. 2024
Artikeltype
Dell Security Advisory