Dell NetWorker: False Positive Security Vulnerabilities

Summary: This article provides a list of security vulnerabilities that cannot be exploited on Dell NetWorker, but which may be flagged by security scanners.


Security Article Type

Security KB

CVE Identifier

 CVE-2024-50379

Issue Summary

See the 'Recommendations' section below for details on each CVE.

Recommendations

The vulnerabilities listed in the table below are ordered by the date on which NetWorker Engineering determined that NetWorker was not vulnerable.

Third-party Component: Apache Tomcat
  11.0.0-M1 <= Apache Tomcat <= 11.0.1
  10.1.0-M1 <= Apache Tomcat <= 10.1.33
  9.0.0.M1 <= Apache Tomcat <= 9.0.97

CVE ID: CVE-2024-50379

Summary of Vulnerability: NSFOCUS CERT detected that Apache issued a security announcement fixing the Apache Tomcat conditional competition (race condition) code execution vulnerability (CVE-2024-50379). Because the Windows file system and Tomcat handle path case sensitivity inconsistently, when the write function of the default servlet is enabled (readonly set to false and the PUT method allowed), an unauthenticated attacker can construct a special path to bypass Tomcat's path verification mechanism. By exploiting the race condition, the attacker continuously sends requests that upload files containing malicious JSP code so that Tomcat parses and executes them, which enables remote code execution.

Reason why Product is not Vulnerable: NetWorker has the default value for the readonly parameter set to true, so NetWorker is not impacted by CVE-2024-50379.

Date Determined False Positive: 2025-01-09

Additional Information

https://nvd.nist.gov/vuln/detail/cve-2024-50379

NOTE: It only affects Windows systems on which the PUT request method is enabled and the readonly initialization parameter is set to the non-default value of false.


This can be verified by checking the readonly initialization parameter in the Tomcat web.xml file of the NetWorker authc server:

Location: [NetWorker Install Drive]:\Program Files\EMC NetWorker\nsr\authc-server\tomcat\conf\web.xml

<!-- The default servlet for all web applications, that serves static     -->
<!-- resources.  It processes all requests that are not mapped to other   -->
<!-- servlets with servlet mappings (defined either here or in your own   -->
<!-- web.xml file).  This servlet supports the following initialization   -->
<!-- parameters (default values are in square brackets):                  -->
...
...
<!-- -->
<!--   readonly            Is this context "read only", so HTTP           -->
<!--                       commands like PUT and DELETE are               -->
<!--                       rejected?  [true]                              -->
...

Apache Tomcat Conditional Competition Code Execution Vulnerability (CVE-2024-50379) - NSFOCUS, Inc.

Products

NetWorker Family
Article Properties
Article Number: 000289912
Article Type: Security KB
Last Modified: 12 Mar 2025
Version:  1