Skip to main content
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.
Some article numbers may have changed. If this isn't what you're looking for, try searching all articles. Search articles

Article Number: 000203317


DSA-2022-252: Dell NetWorker vProxy Security Update for Multiple Third-Party Vulnerabilities

Summary: Dell NetWorker vProxy remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system.

Article Content


Impact

Critical

Details

Third-party Component  CVEs More information
kernel-firmware CVE-2021-26312 See NVD (http://nvd.nist.gov/) for individual scores for each CVE.
CVE-2021-26339
CVE-2021-26342
CVE-2021-26347
CVE-2021-26348
CVE-2021-26349
CVE-2021-26350
CVE-2021-26364
CVE-2021-26372
CVE-2021-26373
CVE-2021-26375
CVE-2021-26376
CVE-2021-26378
CVE-2021-26388
CVE-2021-46744
libxml2 CVE-2017-16932 See NVD (http://nvd.nist.gov/) for individual scores for each CVE.
CVE-2022-29824
curl CVE-2022-27781 See NVD (http://nvd.nist.gov/) for individual scores for each CVE.
CVE-2022-27782
LDAP CVE-2022-29155 See NVD (http://nvd.nist.gov/) for individual scores for each CVE.
kernel-firmware CVE-2022-21151 See NVD (http://nvd.nist.gov/) for individual scores for each CVE.
jenkins sitemonitor plug-in CVE-2021-28153 See NVD (http://nvd.nist.gov/) for individual scores for each CVE.
e2fsprogs CVE-2022-1304 See NVD (http://nvd.nist.gov/) for individual scores for each CVE.
pcre2 CVE-2022-1586 See NVD (http://nvd.nist.gov/) for individual scores for each CVE.
zgrep CVE-2022-1271 See NVD (http://nvd.nist.gov/) for individual scores for each CVE.
Third-party Component  CVEs More information
kernel-firmware CVE-2021-26312 See NVD (http://nvd.nist.gov/) for individual scores for each CVE.
CVE-2021-26339
CVE-2021-26342
CVE-2021-26347
CVE-2021-26348
CVE-2021-26349
CVE-2021-26350
CVE-2021-26364
CVE-2021-26372
CVE-2021-26373
CVE-2021-26375
CVE-2021-26376
CVE-2021-26378
CVE-2021-26388
CVE-2021-46744
libxml2 CVE-2017-16932 See NVD (http://nvd.nist.gov/) for individual scores for each CVE.
CVE-2022-29824
curl CVE-2022-27781 See NVD (http://nvd.nist.gov/) for individual scores for each CVE.
CVE-2022-27782
LDAP CVE-2022-29155 See NVD (http://nvd.nist.gov/) for individual scores for each CVE.
kernel-firmware CVE-2022-21151 See NVD (http://nvd.nist.gov/) for individual scores for each CVE.
jenkins sitemonitor plug-in CVE-2021-28153 See NVD (http://nvd.nist.gov/) for individual scores for each CVE.
e2fsprogs CVE-2022-1304 See NVD (http://nvd.nist.gov/) for individual scores for each CVE.
pcre2 CVE-2022-1586 See NVD (http://nvd.nist.gov/) for individual scores for each CVE.
zgrep CVE-2022-1271 See NVD (http://nvd.nist.gov/) for individual scores for each CVE.
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products and Remediation

Product Affected Versions Updated Versions Link to Update
Dell NetWorker vProxy 4.3.0-22 and earlier 4.3.0-32 released as part of Dell NetWorker 19.7.0.1 and later release
vProxy and NetWorker compatibility documentation is located here: E-Lab Interoperability Navigator 2.0-Components View (dell.com)
https://www.dell.com/support/home/en-in/product-support/product/networker/drivers
Product Affected Versions Updated Versions Link to Update
Dell NetWorker vProxy 4.3.0-22 and earlier 4.3.0-32 released as part of Dell NetWorker 19.7.0.1 and later release
vProxy and NetWorker compatibility documentation is located here: E-Lab Interoperability Navigator 2.0-Components View (dell.com)
https://www.dell.com/support/home/en-in/product-support/product/networker/drivers

Revision History

RevisionDateDescription
1.0-Initial Release

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide


Article Properties


Affected Product

NetWorker Family, NetWorker, NetWorker Series, Product Security Information

Last Published Date

13 Sep 2022

Version

1

Article Type

Dell Security Advisory