Přeskočit na hlavní obsah
Odhlásit

Vítejte ve společnosti Dell.

Můj účet
  • Vkládejte objednávky snadno a rychle
  • Zobrazit objednávky a sledovat stav expedice
  • Vytvořte a přistupujte k seznamu svých produktů
  • Spravujte své profily, produkty a kontakty na úrovni produktů na stránkách Dell EMC pomocí správy společnosti.
Přihlásit se Vytvořte si účet Přihlášení na stránky Premier Přihlášení do partnerského programu
Spojte se s námi

Číslo článku: 000224800

DSA-2024-208: Security Update for Dell NetWorker for Multiple Third-party Component Vulnerabilities.

Shrnutí: Dell NetWorker remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

Obsah článku

Vliv

High

Podrobnosti

Third-party Component CVEs More Information
Apache http client CVE-2014-3577, CVE-2012-5783, CVE-2020-13956, CVE-2012-6153, CVE-2015-5262 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
Apache tomcat CVE-2023-46589 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/CVE-2023-46589 This hyperlink is taking you to a website outside of Dell Technologies.

Společnost Dell Technologies všem zákazníkům doporučuje vzít v úvahu základní hodnocení CVSS i všechna související hodnocení v daném čase a prostředí, která mohou mít vliv na potenciální závažnost dané konkrétní bezpečnostní hrozby.

Dotčené produkty a náprava

CVEs Addressed Product Software/Firmware
 		 Affected Versions Remediated Versions Link
CVE-2014-3577, CVE-2012-5783, CVE-2020-13956, CVE-2012-6153, CVE-2015-5262, CVE-2023-46589  NetWorker NetWorker Server
 		 Versions 19.10 through 19.10.0.2
 		 Expected Availability: May 2024 Link to be provided upon release
CVE-2014-3577, CVE-2012-5783, CVE-2020-13956, CVE-2012-6153, CVE-2015-5262, CVE-2023-46589  NetWorker NetWorker Server
 		 Versions 19.9 through 19.9.0.5
 		 Versions 19.9.0.6 or later https://www.dell.com/support/home/product-support/product/networker/drivers
CVE-2014-3577, CVE-2012-5783, CVE-2020-13956, CVE-2012-6153, CVE-2015-5262, CVE-2023-46589 NetWorker NetWorker Server
 		 Versions 19.8 through 19.8.0.4 Versions 19.9.0.6 or later https://www.dell.com/support/home/product-support/product/networker/drivers
CVE-2014-3577, CVE-2012-5783, CVE-2020-13956, CVE-2012-6153, CVE-2015-5262, CVE-2023-46589 NetWorker NetWorker  Server
 		 Versions prior to  19.8  Versions 19.9.0.6 or later https://www.dell.com/support/home/product-support/product/networker/drivers
CVEs Addressed Product Software/Firmware
 		 Affected Versions Remediated Versions Link
CVE-2014-3577, CVE-2012-5783, CVE-2020-13956, CVE-2012-6153, CVE-2015-5262, CVE-2023-46589  NetWorker NetWorker Server
 		 Versions 19.10 through 19.10.0.2
 		 Expected Availability: May 2024 Link to be provided upon release
CVE-2014-3577, CVE-2012-5783, CVE-2020-13956, CVE-2012-6153, CVE-2015-5262, CVE-2023-46589  NetWorker NetWorker Server
 		 Versions 19.9 through 19.9.0.5
 		 Versions 19.9.0.6 or later https://www.dell.com/support/home/product-support/product/networker/drivers
CVE-2014-3577, CVE-2012-5783, CVE-2020-13956, CVE-2012-6153, CVE-2015-5262, CVE-2023-46589 NetWorker NetWorker Server
 		 Versions 19.8 through 19.8.0.4 Versions 19.9.0.6 or later https://www.dell.com/support/home/product-support/product/networker/drivers
CVE-2014-3577, CVE-2012-5783, CVE-2020-13956, CVE-2012-6153, CVE-2015-5262, CVE-2023-46589 NetWorker NetWorker  Server
 		 Versions prior to  19.8  Versions 19.9.0.6 or later https://www.dell.com/support/home/product-support/product/networker/drivers
The Affected Products and Remediation table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.
  1. Platforms: Windows & Linux (All variants and flavors are impacted)
  2. Versions prior to 19.8 means versions 19.7.x, 19.6.x, 19.5.x, 19.4.x family of releases that are still under standard support. For more information on Dell End-of-Life Documents for converged infrastructure, midrange and enterprise storage, and storage networking products kindly refer to: https://www.dell.com/support/kbdoc/000185734/all-dell-emc-end-of-life-documents?lang=en
  3. Unless specified as impacted, the term “later releases” encompasses all NetWorker releases, under standard support, that are of a higher minor or major version than the specified release.
  4. Security Advisory will be updated once we have the Remediation for Version 19.10 branches and the expected Availability is end of May 2024. Please note that this is a tentative date and is subject to change.

Historie změn

Revision DateDescription
1.02024-05-06 Initial Release
2.02024-05-08Updated the links under Affected and Remediation section

Související informace

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Právní informace

Vlastnosti článku

Dotčený produkt

NetWorker Family, NetWorker, NetWorker Series, NetWorker Module

Datum posledního vydání

08 kvě 2024

Verze

3

Typ článku

Dell Security Advisory

Zpět na začátek