DSA-2026-023: Security Update for Dell NetWorker Multiple Third-Party Component Vulnerabilities
Zusammenfassung: Dell Networker remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.
Dieser Artikel gilt für
Dieser Artikel gilt nicht für
Dieser Artikel ist nicht an ein bestimmtes Produkt gebunden.
In diesem Artikel werden nicht alle Produktversionen aufgeführt.
Auswirkungen
High
Details
| Third-party Component | CVEs | More Information |
| Apache Commons Lang | CVE-2025-48924 | https://nvd.nist.gov/vuln/search |
| Apache HttpClient | CVE-2025-27820 | https://nvd.nist.gov/vuln/search |
| Bouncy Castle | CVE-2025-8885 | https://nvd.nist.gov/vuln/search |
| Nimbus JOSE + JWT | CVE-2025-53864 | https://nvd.nist.gov/vuln/search |
| PostgreSQL | CVE-2025-8713, CVE-2025-8714, CVE-2025-8715 | https://nvd.nist.gov/vuln/search |
| Spring Boot | CVE-2025-22235 | https://nvd.nist.gov/vuln/search |
| Spring Framework | CVE-2025-22233, CVE-2025-41234, CVE-2025-41242 | https://nvd.nist.gov/vuln/search |
| Spring Security | CVE-2025-22228 | https://nvd.nist.gov/vuln/search |
Betroffene Produkte und Korrektur
| CVEs Addressed | Product | Software/Firmware | Affected Versions | Remediated Versions | Link |
| CVE-2025-53864, CVE-2025-8885, CVE-2025-48924, CVE-2025-27820, CVE-2025-22233, CVE-2025-41234, CVE-2025-41242, CVE-2025-22228 | NetWorker | NetWorker AUTHC (Authentication Service) | Versions 19.9 through 19.13.0.2 | Version 19.14 or later | NetWorker Downloads Area |
| CVE-2025-8713, CVE-2025-8714, CVE-2025-8715 | NetWorker | NetWorker Management Console (NMC) | Versions 19.9 through 19.13.0.2 | Version 19.14 or later | NetWorker Downloads Area |
| CVE-2025-8713, CVE-2025-8714, CVE-2025-8715, CVE-2025-22235, CVE-2025-48924, CVE-2025-27820, CVE-2025-22233, CVE-2025-41234, CVE-2025-41242, CVE-2025-22228 | NetWorker | NetWorker Management Web UI (NWUI) | Versions 19.9 through 19.13.0.2 | Version 19.14 or later | NetWorker Downloads Area |
| CVE-2025-22233, CVE-2025-41234, CVE-2025-41242 | NetWorker | NetWorker REST API | Versions 19.9 through 19.13.0.2 | Version 19.14 or later | NetWorker Downloads Area |
| CVEs Addressed | Product | Software/Firmware | Affected Versions | Remediated Versions | Link |
| CVE-2025-53864, CVE-2025-8885, CVE-2025-48924, CVE-2025-27820, CVE-2025-22233, CVE-2025-41234, CVE-2025-41242, CVE-2025-22228 | NetWorker | NetWorker AUTHC (Authentication Service) | Versions 19.9 through 19.13.0.2 | Version 19.14 or later | NetWorker Downloads Area |
| CVE-2025-8713, CVE-2025-8714, CVE-2025-8715 | NetWorker | NetWorker Management Console (NMC) | Versions 19.9 through 19.13.0.2 | Version 19.14 or later | NetWorker Downloads Area |
| CVE-2025-8713, CVE-2025-8714, CVE-2025-8715, CVE-2025-22235, CVE-2025-48924, CVE-2025-27820, CVE-2025-22233, CVE-2025-41234, CVE-2025-41242, CVE-2025-22228 | NetWorker | NetWorker Management Web UI (NWUI) | Versions 19.9 through 19.13.0.2 | Version 19.14 or later | NetWorker Downloads Area |
| CVE-2025-22233, CVE-2025-41234, CVE-2025-41242 | NetWorker | NetWorker REST API | Versions 19.9 through 19.13.0.2 | Version 19.14 or later | NetWorker Downloads Area |
Notes:
- The Affected Products and Remediation table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.
- Customers on all supported versions can upgrade directly to the remediated 19.14 release. Version 19.13.0.3 is planned for February 2026 for environments or product‑usage scenarios that require upgrading to a lower remediated release.
- Unless specified as impacted, the term “later releases” encompasses all NetWorker releases, under standard support, that are of a higher minor or major version than the specified release. Dell recommends that you always upgrade to the latest release/version for your product.
- Platforms: Windows & Linux (All variants and flavors are impacted).
Workarounds und Korrekturmaßnahmen
None
Revisionsverlauf
| Revision | Date | Description |
| 1.0 | 2026-02-09 | Initial Release |
| 2.0 | 2026-02-10 |
Minor update to map CVEs to the respective NetWorker components
|
Zugehörige Informationen
Rechtlicher Hinweis
Betroffene Produkte
NetWorker Family, NetWorkerArtikeleigenschaften
Artikelnummer: 000425429
Artikeltyp: Dell Security Advisory
Zuletzt geändert: 10 Feb. 2026
Antworten auf Ihre Fragen erhalten Sie von anderen Dell NutzerInnen
Support Services
Prüfen Sie, ob Ihr Gerät durch Support Services abgedeckt ist.