Skip to main content
Sign Out

Welcome to Dell

My Account
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
Sign In Create an Account Dell Financial Services Premier Sign In Partner Program Sign In
Contact Us

Your Dell.com Carts

Some article numbers may have changed. If this isn't what you're looking for, try searching all articles. Search articles

DSA-2021-280: Dell NetWorker Security Update for Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228, CVE-2021-45046, and CVE-2021-45105)

Summary: Dell NetWorker remediation is available for the Apache Log4j Remote Code Execution Vulnerability that may be exploited by malicious users to compromise the affected system. Dell Technologies recommends implementing this remediation as soon as possible in light of the critical severity of the vulnerability. ...

This article applies to   This article does not apply to 
Check out resources for

Impact

Critical

Details

Third-party Component  CVEs  More information 
Apache Log4j  CVE-2021-44228  Apache Log4j Remote Code Execution This hyperlink is taking you to a website outside of Dell Technologies. 
CVE-2021-45046 
CVE-2021-45105
Third-party Component  CVEs  More information 
Apache Log4j  CVE-2021-44228  Apache Log4j Remote Code Execution This hyperlink is taking you to a website outside of Dell Technologies. 
CVE-2021-45046 
CVE-2021-45105
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products & Remediation

Product  Affected Versions  Updated Versions  Link to Update 
NetWorker Server
 		 19.5.x
 		 19.5.0.5,19.6.0 And Later Versions https://www.dell.com/support/home/en-ca/product-support/product/networker/drivers
 
19.4.x 19.4.0.6
NetWorker Virtual Edition 19.5.x 19.5.0.5,19.6.0 And Later Versions https://www.dell.com/support/home/en-ca/product-support/product/networker/drivers

Note: Only NVE for VMware and upgrade images are available for download.
19.4.x 19.4.0.6

Note:
  • NetWorker Storage Node, NetWorker Client, NetWorker Management Console, NetWorker Management UI, NetWorker CloudBoost, and NetWorker vProxy are not vulnerable.
  • NetWorker 19.1.x, 19.2.x, and 19.3.x are not vulnerable.
Product  Affected Versions  Updated Versions  Link to Update 
NetWorker Server
 		 19.5.x
 		 19.5.0.5,19.6.0 And Later Versions https://www.dell.com/support/home/en-ca/product-support/product/networker/drivers
 
19.4.x 19.4.0.6
NetWorker Virtual Edition 19.5.x 19.5.0.5,19.6.0 And Later Versions https://www.dell.com/support/home/en-ca/product-support/product/networker/drivers

Note: Only NVE for VMware and upgrade images are available for download.
19.4.x 19.4.0.6

Note:
  • NetWorker Storage Node, NetWorker Client, NetWorker Management Console, NetWorker Management UI, NetWorker CloudBoost, and NetWorker vProxy are not vulnerable.
  • NetWorker 19.1.x, 19.2.x, and 19.3.x are not vulnerable.

Revision History

Revision Date Description 
1.02021-12-15Workaround
1.12021-12-17Workaround update
1.22021-12-23Patch added
1.32021-12-2719.3 added as not vulnerable
1.42022-01-03updated additional CVE addressed
1.52022-01-11added 19.6 release to Affected Products and Remediation table
1.62022-01-14updated 19.4 release, removed workaround
1.72022-11-29Minor change in Updated Version Section

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Legal Disclaimer

Affected Products

NetWorker Family, NetWorker, Product Security Information