Article Number: 000224798
DSA-2024-207: Security Update for Dell NetWorker for BMR ISO Vulnerability
Summary: Dell NetWorker remediation is available for Networker BMR ISO that could be exploited by malicious users to compromise the affected system.
Article Content
Impact
Medium
Details
| Third-party Component | CVEs | More Information |
|---|---|---|
| Windows ADK | CVE-2023-24932 | http://nvd.nist.gov/CVE-2023-24932  |
Affected Products and Remediation
| CVEs Addressed | Product | Software/Firmware |
Affected Versions | Remediated Versions | Link |
|---|---|---|---|---|---|
| CVE-2023-24932 |
Dell NetWorker | NetWorker BMR |
Versions 19.10 through 19.10.0.2 |
Expected Availability: May 2024 | https://www.dell.com/support/home/product-support/product/networker/drivers |
| CVE-2023-24932 |
Dell NetWorker | NetWorker BMR |
Versions 19.9 through 19.9.0.5 |
Versions 19.9.0.6 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
| CVE-2023-24932 |
Dell NetWorker | NetWorker BMR |
Versions 19.8 through 19.8.0.4 |
Versions 19.9.0.6 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
| CVE-2023-24932 |
Dell NetWorker | NetWorker BMR |
Versions prior to 19.8 | Versions 19.9.0.6 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
| CVEs Addressed | Product | Software/Firmware |
Affected Versions | Remediated Versions | Link |
|---|---|---|---|---|---|
| CVE-2023-24932 |
Dell NetWorker | NetWorker BMR |
Versions 19.10 through 19.10.0.2 |
Expected Availability: May 2024 | https://www.dell.com/support/home/product-support/product/networker/drivers |
| CVE-2023-24932 |
Dell NetWorker | NetWorker BMR |
Versions 19.9 through 19.9.0.5 |
Versions 19.9.0.6 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
| CVE-2023-24932 |
Dell NetWorker | NetWorker BMR |
Versions 19.8 through 19.8.0.4 |
Versions 19.9.0.6 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
| CVE-2023-24932 |
Dell NetWorker | NetWorker BMR |
Versions prior to 19.8 | Versions 19.9.0.6 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
The Affected Products and Remediation table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.
- Platforms: Windows
- Versions prior to 19.8 means versions 19.7.x, 19.6.x, 19.5.x, 19.4.x family of releases that are still under standard support. For more information on Dell End-of-Life Documents for converged infrastructure, midrange and enterprise storage, and storage networking products kindly refer to: https://www.dell.com/support/kbdoc/000185734/all-dell-emc-end-of-life-documents?lang=en
- Unless specified as impacted, the term “or Later” encompasses all NetWorker releases, under standard support, that are of a higher minor or major version than the specified release.
- Dell recommends that you always upgrade to the latest release/version for your product.
- Security Advisory will be updated once we have the Remediation for Version 19.10 branches and the expected Availability is end of May 2024. Please note that this is a tentative date and is subject to change.
Revision History
| Revision | Date | Description |
|---|---|---|
| 1.0 | 2024-05-06 | Initial Release |
Related Information
Legal Information
Article Properties
Affected Product
NetWorker Family, NetWorker, NetWorker Series
Last Published Date
07 May 2024
Version
4
Article Type
Dell Security Advisory