Skip to main content
Sign Out

Welcome to Dell

My Account
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.
Sign In Create an Account Dell Financial Services Premier Sign In Partner Program Sign In
Contact Us

Your Dell.com Carts

Some article numbers may have changed. If this isn't what you're looking for, try searching all articles. Search articles

Article Number: 000206067

DSA-2022-342: Dell NetWorker vProxy Security Update for Multiple Vulnerabilities

Summary: Dell NetWorker vProxy remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected systems.

Article Content

Impact

Critical

Details

Third-party Component  CVEs More information
ucode-intel CVE-2022-21233 target="_blank">http://www.nessus.org/u?01c9172f This hyperlink is taking you to a website outside of Dell Technologies.
zlib CVE-2022-37434 target="_blank">http://www.nessus.org/u?acd7043b This hyperlink is taking you to a website outside of Dell Technologies.
rsync CVE-2022-29154 target="_blank">http://www.nessus.org/u?bf15ba78 This hyperlink is taking you to a website outside of Dell Technologies.
perl-HTTP-Daemon CVE-2022-31081 target="_blank">http://www.nessus.org/u?17c95f99 This hyperlink is taking you to a website outside of Dell Technologies.
p11-kit CVE-2020-29362 target="_blank">http://www.nessus.org/u?1407fdfe This hyperlink is taking you to a website outside of Dell Technologies.
libcroco CVE-2020-12825 target="_blank">http://www.nessus.org/u?70aae5c2 This hyperlink is taking you to a website outside of Dell Technologies.
open-vm-tools CVE-2022-31676 target="_blank">http://www.nessus.org/u?332bf285 This hyperlink is taking you to a website outside of Dell Technologies.
json-c CVE-2020-12762 target="_blank">http://www.nessus.org/u?eab8cf4e This hyperlink is taking you to a website outside of Dell Technologies.
curl CVE-2022-35252 target="_blank">http://www.nessus.org/u?5fc62e01 This hyperlink is taking you to a website outside of Dell Technologies.
libnl3 CVE-2017-0386 target="_blank">http://www.nessus.org/u?53a18eee This hyperlink is taking you to a website outside of Dell Technologies.
icu CVE-2020-21913 target="_blank">http://www.nessus.org/u?c2ee4a31 This hyperlink is taking you to a website outside of Dell Technologies.
kernel CVE-2020-36516, CVE-2021-4203, CVE-2022-2588, CVE-2022-2639, CVE-2022-2977, CVE-2022-3028, CVE-2022-20368, CVE-2022-20369, CVE-2022-21385, CVE-2022-26373, CVE-2022-29581, CVE-2022-36879 target="_blank">http://www.nessus.org/u?3c402de3 This hyperlink is taking you to a website outside of Dell Technologies.
 
Third-party Component  CVEs More information
ucode-intel CVE-2022-21233 target="_blank">http://www.nessus.org/u?01c9172f This hyperlink is taking you to a website outside of Dell Technologies.
zlib CVE-2022-37434 target="_blank">http://www.nessus.org/u?acd7043b This hyperlink is taking you to a website outside of Dell Technologies.
rsync CVE-2022-29154 target="_blank">http://www.nessus.org/u?bf15ba78 This hyperlink is taking you to a website outside of Dell Technologies.
perl-HTTP-Daemon CVE-2022-31081 target="_blank">http://www.nessus.org/u?17c95f99 This hyperlink is taking you to a website outside of Dell Technologies.
p11-kit CVE-2020-29362 target="_blank">http://www.nessus.org/u?1407fdfe This hyperlink is taking you to a website outside of Dell Technologies.
libcroco CVE-2020-12825 target="_blank">http://www.nessus.org/u?70aae5c2 This hyperlink is taking you to a website outside of Dell Technologies.
open-vm-tools CVE-2022-31676 target="_blank">http://www.nessus.org/u?332bf285 This hyperlink is taking you to a website outside of Dell Technologies.
json-c CVE-2020-12762 target="_blank">http://www.nessus.org/u?eab8cf4e This hyperlink is taking you to a website outside of Dell Technologies.
curl CVE-2022-35252 target="_blank">http://www.nessus.org/u?5fc62e01 This hyperlink is taking you to a website outside of Dell Technologies.
libnl3 CVE-2017-0386 target="_blank">http://www.nessus.org/u?53a18eee This hyperlink is taking you to a website outside of Dell Technologies.
icu CVE-2020-21913 target="_blank">http://www.nessus.org/u?c2ee4a31 This hyperlink is taking you to a website outside of Dell Technologies.
kernel CVE-2020-36516, CVE-2021-4203, CVE-2022-2588, CVE-2022-2639, CVE-2022-2977, CVE-2022-3028, CVE-2022-20368, CVE-2022-20369, CVE-2022-21385, CVE-2022-26373, CVE-2022-29581, CVE-2022-36879 target="_blank">http://www.nessus.org/u?3c402de3 This hyperlink is taking you to a website outside of Dell Technologies.
 
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products and Remediation

Product Affected Versions Updated Versions Link to Update
NetWorker vProxy 4.3.0-34 and earlier Version 4.3.0-36 released as part of NetWorker 19.7.0.2 and later release.

vProxy and NetWorker compatibility documentation can be located here: E-Lab Interoperability Navigator 2.0-Components View (dell.com)		 https://www.dell.com/support/home/en-in/product-support/product/networker/drivers

Note: All the reported CVEs are addressed in vProxy 4.3.0-36 and being bundled with NetWorker 19.7.0.2. The latest vProxy (version 4.3.0-36) can be used with any NetWorker version 19.6.1, 19.6.1.3, 19.7.0, and 19.7.0.1 as vProxy is compatible with all current and previous NetWorker versions (from NetWorker 19.4 and later). See the above E-Lab link for compatibility matrix.
Product Affected Versions Updated Versions Link to Update
NetWorker vProxy 4.3.0-34 and earlier Version 4.3.0-36 released as part of NetWorker 19.7.0.2 and later release.

vProxy and NetWorker compatibility documentation can be located here: E-Lab Interoperability Navigator 2.0-Components View (dell.com)		 https://www.dell.com/support/home/en-in/product-support/product/networker/drivers

Note: All the reported CVEs are addressed in vProxy 4.3.0-36 and being bundled with NetWorker 19.7.0.2. The latest vProxy (version 4.3.0-36) can be used with any NetWorker version 19.6.1, 19.6.1.3, 19.7.0, and 19.7.0.1 as vProxy is compatible with all current and previous NetWorker versions (from NetWorker 19.4 and later). See the above E-Lab link for compatibility matrix.

Revision History

RevisionDateDescription
1.02022-12-05Initial Release

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Legal Information

Article Properties

Affected Product

NetWorker Family, NetWorker, NetWorker Series, NetWorker Module, Product Security Information

Last Published Date

05 Dec 2022

Version

1

Article Type

Dell Security Advisory

Back to Top