Skip to main content
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
Some article numbers may have changed. If this isn't what you're looking for, try searching all articles. Search articles

DSA-2022-342: Dell NetWorker vProxy Security Update for Multiple Vulnerabilities

Summary: Dell NetWorker vProxy remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected systems.

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.

Impact

Critical

Details

Third-party Component  CVEs More information
ucode-intel CVE-2022-21233 target="_blank">http://www.nessus.org/u?01c9172f This hyperlink is taking you to a website outside of Dell Technologies.
zlib CVE-2022-37434 target="_blank">http://www.nessus.org/u?acd7043b This hyperlink is taking you to a website outside of Dell Technologies.
rsync CVE-2022-29154 target="_blank">http://www.nessus.org/u?bf15ba78 This hyperlink is taking you to a website outside of Dell Technologies.
perl-HTTP-Daemon CVE-2022-31081 target="_blank">http://www.nessus.org/u?17c95f99 This hyperlink is taking you to a website outside of Dell Technologies.
p11-kit CVE-2020-29362 target="_blank">http://www.nessus.org/u?1407fdfe This hyperlink is taking you to a website outside of Dell Technologies.
libcroco CVE-2020-12825 target="_blank">http://www.nessus.org/u?70aae5c2 This hyperlink is taking you to a website outside of Dell Technologies.
open-vm-tools CVE-2022-31676 target="_blank">http://www.nessus.org/u?332bf285 This hyperlink is taking you to a website outside of Dell Technologies.
json-c CVE-2020-12762 target="_blank">http://www.nessus.org/u?eab8cf4e This hyperlink is taking you to a website outside of Dell Technologies.
curl CVE-2022-35252 target="_blank">http://www.nessus.org/u?5fc62e01 This hyperlink is taking you to a website outside of Dell Technologies.
libnl3 CVE-2017-0386 target="_blank">http://www.nessus.org/u?53a18eee This hyperlink is taking you to a website outside of Dell Technologies.
icu CVE-2020-21913 target="_blank">http://www.nessus.org/u?c2ee4a31 This hyperlink is taking you to a website outside of Dell Technologies.
kernel CVE-2020-36516, CVE-2021-4203, CVE-2022-2588, CVE-2022-2639, CVE-2022-2977, CVE-2022-3028, CVE-2022-20368, CVE-2022-20369, CVE-2022-21385, CVE-2022-26373, CVE-2022-29581, CVE-2022-36879 target="_blank">http://www.nessus.org/u?3c402de3 This hyperlink is taking you to a website outside of Dell Technologies.
 
Third-party Component  CVEs More information
ucode-intel CVE-2022-21233 target="_blank">http://www.nessus.org/u?01c9172f This hyperlink is taking you to a website outside of Dell Technologies.
zlib CVE-2022-37434 target="_blank">http://www.nessus.org/u?acd7043b This hyperlink is taking you to a website outside of Dell Technologies.
rsync CVE-2022-29154 target="_blank">http://www.nessus.org/u?bf15ba78 This hyperlink is taking you to a website outside of Dell Technologies.
perl-HTTP-Daemon CVE-2022-31081 target="_blank">http://www.nessus.org/u?17c95f99 This hyperlink is taking you to a website outside of Dell Technologies.
p11-kit CVE-2020-29362 target="_blank">http://www.nessus.org/u?1407fdfe This hyperlink is taking you to a website outside of Dell Technologies.
libcroco CVE-2020-12825 target="_blank">http://www.nessus.org/u?70aae5c2 This hyperlink is taking you to a website outside of Dell Technologies.
open-vm-tools CVE-2022-31676 target="_blank">http://www.nessus.org/u?332bf285 This hyperlink is taking you to a website outside of Dell Technologies.
json-c CVE-2020-12762 target="_blank">http://www.nessus.org/u?eab8cf4e This hyperlink is taking you to a website outside of Dell Technologies.
curl CVE-2022-35252 target="_blank">http://www.nessus.org/u?5fc62e01 This hyperlink is taking you to a website outside of Dell Technologies.
libnl3 CVE-2017-0386 target="_blank">http://www.nessus.org/u?53a18eee This hyperlink is taking you to a website outside of Dell Technologies.
icu CVE-2020-21913 target="_blank">http://www.nessus.org/u?c2ee4a31 This hyperlink is taking you to a website outside of Dell Technologies.
kernel CVE-2020-36516, CVE-2021-4203, CVE-2022-2588, CVE-2022-2639, CVE-2022-2977, CVE-2022-3028, CVE-2022-20368, CVE-2022-20369, CVE-2022-21385, CVE-2022-26373, CVE-2022-29581, CVE-2022-36879 target="_blank">http://www.nessus.org/u?3c402de3 This hyperlink is taking you to a website outside of Dell Technologies.
 
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products & Remediation

Product Affected Versions Updated Versions Link to Update
NetWorker vProxy 4.3.0-34 and earlier Version 4.3.0-36 released as part of NetWorker 19.7.0.2 and later release.

vProxy and NetWorker compatibility documentation can be located here: E-Lab Interoperability Navigator 2.0-Components View (dell.com)
https://www.dell.com/support/home/en-in/product-support/product/networker/drivers

Note: All the reported CVEs are addressed in vProxy 4.3.0-36 and being bundled with NetWorker 19.7.0.2. The latest vProxy (version 4.3.0-36) can be used with any NetWorker version 19.6.1, 19.6.1.3, 19.7.0, and 19.7.0.1 as vProxy is compatible with all current and previous NetWorker versions (from NetWorker 19.4 and later). See the above E-Lab link for compatibility matrix.
Product Affected Versions Updated Versions Link to Update
NetWorker vProxy 4.3.0-34 and earlier Version 4.3.0-36 released as part of NetWorker 19.7.0.2 and later release.

vProxy and NetWorker compatibility documentation can be located here: E-Lab Interoperability Navigator 2.0-Components View (dell.com)
https://www.dell.com/support/home/en-in/product-support/product/networker/drivers

Note: All the reported CVEs are addressed in vProxy 4.3.0-36 and being bundled with NetWorker 19.7.0.2. The latest vProxy (version 4.3.0-36) can be used with any NetWorker version 19.6.1, 19.6.1.3, 19.7.0, and 19.7.0.1 as vProxy is compatible with all current and previous NetWorker versions (from NetWorker 19.4 and later). See the above E-Lab link for compatibility matrix.

Revision History

RevisionDateDescription
1.02022-12-05Initial Release

Related Information

Affected Products

NetWorker Family, NetWorker, NetWorker Series, NetWorker Module, Product Security Information
Article Properties
Article Number: 000206067
Article Type: Dell Security Advisory
Last Modified: 05 Dec 2022
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.