DSA-2026-023: Security Update for Dell NetWorker Multiple Third-Party Component Vulnerabilities
Oversigt: Dell Networker remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.
Denne artikel gælder for
Denne artikel gælder ikke for
Denne artikel er ikke knyttet til et bestemt produkt.
Det er ikke alle produktversioner, der er identificeret i denne artikel.
Virkning
High
Oplysninger
| Third-party Component | CVEs | More Information |
| Apache Commons Lang | CVE-2025-48924 | https://nvd.nist.gov/vuln/search |
| Apache HttpClient | CVE-2025-27820 | https://nvd.nist.gov/vuln/search |
| Bouncy Castle | CVE-2025-8885 | https://nvd.nist.gov/vuln/search |
| Nimbus JOSE + JWT | CVE-2025-53864 | https://nvd.nist.gov/vuln/search |
| PostgreSQL | CVE-2025-8713, CVE-2025-8714, CVE-2025-8715 | https://nvd.nist.gov/vuln/search |
| Spring Boot | CVE-2025-22235 | https://nvd.nist.gov/vuln/search |
| Spring Framework | CVE-2025-22233, CVE-2025-41234, CVE-2025-41242 | https://nvd.nist.gov/vuln/search |
| Spring Security | CVE-2025-22228 | https://nvd.nist.gov/vuln/search |
Berørte produkter og udbedring
| CVEs Addressed | Product | Software/Firmware | Affected Versions | Remediated Versions | Link |
| CVE-2025-53864, CVE-2025-8885, CVE-2025-48924, CVE-2025-27820, CVE-2025-22233, CVE-2025-41234, CVE-2025-41242, CVE-2025-22228 | NetWorker | NetWorker AUTHC (Authentication Service) | Versions 19.9 through 19.13.0.2 | Version 19.14 or later | NetWorker Downloads Area |
| CVE-2025-8713, CVE-2025-8714, CVE-2025-8715 | NetWorker | NetWorker Management Console (NMC) | Versions 19.9 through 19.13.0.2 | Version 19.14 or later | NetWorker Downloads Area |
| CVE-2025-8713, CVE-2025-8714, CVE-2025-8715, CVE-2025-22235, CVE-2025-48924, CVE-2025-27820, CVE-2025-22233, CVE-2025-41234, CVE-2025-41242, CVE-2025-22228 | NetWorker | NetWorker Management Web UI (NWUI) | Versions 19.9 through 19.13.0.2 | Version 19.14 or later | NetWorker Downloads Area |
| CVE-2025-22233, CVE-2025-41234, CVE-2025-41242 | NetWorker | NetWorker REST API | Versions 19.9 through 19.13.0.2 | Version 19.14 or later | NetWorker Downloads Area |
| CVEs Addressed | Product | Software/Firmware | Affected Versions | Remediated Versions | Link |
| CVE-2025-53864, CVE-2025-8885, CVE-2025-48924, CVE-2025-27820, CVE-2025-22233, CVE-2025-41234, CVE-2025-41242, CVE-2025-22228 | NetWorker | NetWorker AUTHC (Authentication Service) | Versions 19.9 through 19.13.0.2 | Version 19.14 or later | NetWorker Downloads Area |
| CVE-2025-8713, CVE-2025-8714, CVE-2025-8715 | NetWorker | NetWorker Management Console (NMC) | Versions 19.9 through 19.13.0.2 | Version 19.14 or later | NetWorker Downloads Area |
| CVE-2025-8713, CVE-2025-8714, CVE-2025-8715, CVE-2025-22235, CVE-2025-48924, CVE-2025-27820, CVE-2025-22233, CVE-2025-41234, CVE-2025-41242, CVE-2025-22228 | NetWorker | NetWorker Management Web UI (NWUI) | Versions 19.9 through 19.13.0.2 | Version 19.14 or later | NetWorker Downloads Area |
| CVE-2025-22233, CVE-2025-41234, CVE-2025-41242 | NetWorker | NetWorker REST API | Versions 19.9 through 19.13.0.2 | Version 19.14 or later | NetWorker Downloads Area |
Notes:
- The Affected Products and Remediation table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.
- Customers on any supported versions/releases listed in the ‘Affected Products and Remediation’ section can upgrade directly to the remediated 19.14 release. Version 19.13.0.3, released on February 20, 2026, is provided for environments or usage scenarios that require a lower remediated release.
- Unless specified as impacted, the term “later releases” encompasses all NetWorker releases, under standard support, that are of a higher minor or major version than the specified release. Dell recommends that you always upgrade to the latest release/version for your product.
- Platforms: Windows & Linux (All variants and flavors are impacted).
Løsninger og afhjælpninger
None
Revisionshistorik
| Revision | Date | Description |
| 1.0 | 2026-02-09 | Initial Release |
| 2.0 | 2026-02-10 |
Minor update to map CVEs to the respective NetWorker components
|
| 3.0 | 2026-03-11 |
Minor update announcing the release of version 19.13.0.3. See the Additional Information section.
|
Relaterede oplysninger
Ansvarsfraskrivelse
Berørte produkter
NetWorker Family, NetWorkerArtikelegenskaber
Artikelnummer: 000425429
Artikeltype: Dell Security Advisory
Senest ændret: 11 mar. 2026
Find svar på dine spørgsmål fra andre Dell-brugere
Supportservices
Kontrollér, om din enhed er dækket af supportservices.