DSA-2025-064 : Security Update for Dell NetWorker, NetWorker Virtual Edition and NetWorker Management Console Multiple Component Vulnerabilities
Summary: Dell NetWorker, NetWorker Virtual Edition and NetWorker Management Console remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system. ...
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Impact
Critical
Details
|
Third-party Component |
CVEs |
More Information |
|
OpenSSL1.1.1n |
CVE-2022-1292, CVE-2022-2068, CVE-2022-4304, CVE-2023-0215, CVE-2023-0286, CVE-2023-0464, CVE-2023-0465, CVE-2023-0466, CVE-2023-3446, CVE-2023-3817, CVE-2023-5678 |
See NVD link below for individual scores for each CVE. |
|
Python |
CVE-2024-37891 |
See NVD link below for individual scores for each CVE. |
|
Cloud-init |
CVE-2021-3429, CVE-2023-1786 |
See NVD link below for individual scores for each CVE. |
|
PostgreSQL Database Server |
CVE-2024-7348 |
See NVD link below for individual scores for each CVE. |
|
Proprietary Code CVEs |
Description |
CVSS Base Score |
CVSS Vector String |
|
CVE-2025-21107 |
Dell NetWorker, version(s) prior to 19.11.0.3, all versions of 19.10 & prior versions contain(s) an Unquoted Search Path or Element vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution. |
7.8 |
|
Proprietary Code CVEs |
Description |
CVSS Base Score |
CVSS Vector String |
|
CVE-2025-21107 |
Dell NetWorker, version(s) prior to 19.11.0.3, all versions of 19.10 & prior versions contain(s) an Unquoted Search Path or Element vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution. |
7.8 |
Affected Products & Remediation
|
CVEs Addressed |
Product |
Software/Firmware |
Affected Versions |
Remediated Versions |
Link |
|
CVE-2022-1292, CVE-2022-2068, CVE-2022-4304, CVE-2023-0215, CVE-2023-0286, CVE-2023-0464, CVE-2023-0465, CVE-2023-0466, CVE-2023-3446, CVE-2023-3817, CVE-2023-5678 |
Dell NetWorker |
NetWorker Server, Storage Node and Client |
Versions 19.11 through 19.11.0.3 |
Version 19.12 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVE-2022-1292, CVE-2022-2068, CVE-2022-4304, CVE-2023-0215, CVE-2023-0286, CVE-2023-0464, CVE-2023-0465, CVE-2023-0466, CVE-2023-3446, CVE-2023-3817, CVE-2023-5678 |
Dell NetWorker |
NetWorker Server, Storage Node and Client |
Versions 19.10 through 19.10.0.7 |
Version 19.12 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVE-2022-1292, CVE-2022-2068, CVE-2022-4304, CVE-2023-0215, CVE-2023-0286, CVE-2023-0464, CVE-2023-0465, CVE-2023-0466, CVE-2023-3446, CVE-2023-3817, CVE-2023-5678 |
Dell NetWorker |
NetWorker Server, Storage Node and Client |
Versions prior to 19.10 |
Version 19.12 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVE-2024-37891, CVE-2021-3429, CVE-2023-1786 |
Dell NetWorker Virtual Edition |
NVE-OVA |
Versions 19.11 through 19.11.0.2 |
Version 19.12, 19.11.0.3 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVE-2024-37891, CVE-2021-3429, CVE-2023-1786 |
Dell NetWorker Virtual Edition |
NVE-OVA |
Versions 19.10 through 19.10.0.7 |
Version 19.12, 19.11.0.3 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVE-2024-37891, CVE-2021-3429, CVE-2023-1786 |
Dell NetWorker Virtual Edition |
NVE-OVA |
Versions prior to 19.10 |
Version 19.12, 19.11.0.3 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVE-2025-21107 |
Dell NetWorker |
NetWorker Management Console |
Versions 19.11 through 19.11.0.2 |
Version 19.12, 19.11.0.3 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVE-2025-21107 |
Dell NetWorker |
NetWorker Management Console |
Versions 19.10 through 19.10.0.7 |
Version 19.12, 19.11.0.3 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVE-2025-21107 |
Dell NetWorker |
NetWorker Management Console |
Versions prior to 19.10 |
Version 19.12, 19.11.0.3 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVE-2024-7348 |
Dell NetWorker |
NetWorker Management Console |
Versions 19.11 through 19.11.0.2 |
Versions 19.11.0.3 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVE-2024-7348 |
Dell NetWorker |
NetWorker Management Console |
Versions prior to 19.10.0.7 |
Version 19.10.0.7 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVEs Addressed |
Product |
Software/Firmware |
Affected Versions |
Remediated Versions |
Link |
|
CVE-2022-1292, CVE-2022-2068, CVE-2022-4304, CVE-2023-0215, CVE-2023-0286, CVE-2023-0464, CVE-2023-0465, CVE-2023-0466, CVE-2023-3446, CVE-2023-3817, CVE-2023-5678 |
Dell NetWorker |
NetWorker Server, Storage Node and Client |
Versions 19.11 through 19.11.0.3 |
Version 19.12 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVE-2022-1292, CVE-2022-2068, CVE-2022-4304, CVE-2023-0215, CVE-2023-0286, CVE-2023-0464, CVE-2023-0465, CVE-2023-0466, CVE-2023-3446, CVE-2023-3817, CVE-2023-5678 |
Dell NetWorker |
NetWorker Server, Storage Node and Client |
Versions 19.10 through 19.10.0.7 |
Version 19.12 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVE-2022-1292, CVE-2022-2068, CVE-2022-4304, CVE-2023-0215, CVE-2023-0286, CVE-2023-0464, CVE-2023-0465, CVE-2023-0466, CVE-2023-3446, CVE-2023-3817, CVE-2023-5678 |
Dell NetWorker |
NetWorker Server, Storage Node and Client |
Versions prior to 19.10 |
Version 19.12 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVE-2024-37891, CVE-2021-3429, CVE-2023-1786 |
Dell NetWorker Virtual Edition |
NVE-OVA |
Versions 19.11 through 19.11.0.2 |
Version 19.12, 19.11.0.3 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVE-2024-37891, CVE-2021-3429, CVE-2023-1786 |
Dell NetWorker Virtual Edition |
NVE-OVA |
Versions 19.10 through 19.10.0.7 |
Version 19.12, 19.11.0.3 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVE-2024-37891, CVE-2021-3429, CVE-2023-1786 |
Dell NetWorker Virtual Edition |
NVE-OVA |
Versions prior to 19.10 |
Version 19.12, 19.11.0.3 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVE-2025-21107 |
Dell NetWorker |
NetWorker Management Console |
Versions 19.11 through 19.11.0.2 |
Version 19.12, 19.11.0.3 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVE-2025-21107 |
Dell NetWorker |
NetWorker Management Console |
Versions 19.10 through 19.10.0.7 |
Version 19.12, 19.11.0.3 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVE-2025-21107 |
Dell NetWorker |
NetWorker Management Console |
Versions prior to 19.10 |
Version 19.12, 19.11.0.3 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVE-2024-7348 |
Dell NetWorker |
NetWorker Management Console |
Versions 19.11 through 19.11.0.2 |
Versions 19.11.0.3 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVE-2024-7348 |
Dell NetWorker |
NetWorker Management Console |
Versions prior to 19.10.0.7 |
Version 19.10.0.7 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
The Affected Products and Remediation table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.
- For OpenSSL1.1.1n
- Platforms: Linux (All variants and flavors are impacted)
- The vulnerabilities in the third-party component OpenSSL 1.1.1n will be addressed only in Version 19.12.
- For Linux Kernel
- Platforms: Linux (Suse are impacted).
- For PostgreSQL Database Server
- Platforms: Windows & Linux (All variants and flavors are impacted)
- CVE-2024-7348 has been remediated in 19.10.0.7 release.
- For Proprietary Code CVE-2025-21107
- Platforms: Windows & Linux (All variants and flavors are impacted)
- Versions prior to 19.10.0.7 mean versions 19.10.0.6, 19.10.x, 19.9.x, 19.8.x, 19.7.x family of releases that are still under standard support. For more information on Dell End-of-Life Documents for converged infrastructure, midrange and enterprise storage, and storage networking products kindly refer to: https://www.dell.com/support/kbdoc/000185734/all-dell-emc-end-of-life-documents?lang=en
- Unless specified as impacted, the term “later releases” encompasses all NetWorker releases, under standard support, that are of a higher minor or major version than the specified release.
- Dell advises that you consistently upgrade to the latest release/version for your product
Revision History
|
Revision |
Date |
Description |
|
1.0 |
2025-01-30 |
Initial Release |
|
2.0 |
2025-02-03 |
Updated the advisory with Third-Party component details CVE-2024-37891, CVE-2021-3429, CVE-2023-1786 |
|
3.0 |
2025-02-17 |
The security advisory has been updated in light of the release of Version 19.10.0.7 |
|
4.0 |
2025-02-19 |
Updated Software/Firmware Column under "Affected Product & Remediation" section corresponding to OpenSSL 1.1.1n CVEs |
Related Information
Legal Disclaimer
Affected Products
NetWorker Family, NetWorker, NetWorker Management ConsoleArticle Properties
Article Number: 000278811
Article Type: Dell Security Advisory
Last Modified: 09 Sep 2025
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.