DSA-2026-024: Security Update for Dell NetWorker Multiple Third Party Component Vulnerabilities
Resumen: Dell NetWorker remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.
Este artículo se aplica a
Este artículo no se aplica a
Este artículo no está vinculado a ningún producto específico.
No se identifican todas las versiones del producto en este artículo.
Impacto
Critical
Detalles
| Third-party Component | CVEs | More Information |
| Angus Mail | CVE-2025-7962 | https://nvd.nist.gov/vuln/search |
| Apache Commons Configuration | CVE-2025-46392 | https://nvd.nist.gov/vuln/search |
| Apache Commons Lang | CVE-2025-48924 | https://nvd.nist.gov/vuln/search |
| Apache CXF | CVE-2024-29736, CVE-2024-32007, CVE-2025-23184, CVE-2024-41172, CVE-2025-48913 | https://nvd.nist.gov/vuln/search |
| Apache HttpClient | CVE-2020-13956, CVE-2014-3577, CVE-2015-5262, CVE-2012-5783 | https://nvd.nist.gov/vuln/search |
| Apache Tomcat | CVE-2025-31651, CVE-2025-31650, CVE-2025-48989 | https://nvd.nist.gov/vuln/search |
| FasterXML Jackson‑databind | CVE-2023-35116 | https://nvd.nist.gov/vuln/search |
| QOS.CH Logback | CVE-2025-11226 | https://nvd.nist.gov/vuln/search |
| Spring Framework | CVE-2025-41242, CVE-2025-41254, CVE-2025-22233, CVE-2025-41234 | https://nvd.nist.gov/vuln/search |
| Spring Security | CVE-2025-41248, CVE-2025-22228 | https://nvd.nist.gov/vuln/search |
Corrección y productos afectados
| Product | Software/Firmware | Affected Versions | Remediated Versions | Link |
| NetWorker | NetWorker File-Level Recovery (FLR) | Versions 19.9 through 19.13.0.2 | Version 19.14 or later | NetWorker Downloads Area |
| NetWorker | NetWorker vCenter User Interface (VCUI) | Versions 19.9 through 19.13.0.2 | Version 19.14 or later | NetWorker Downloads Area |
| Product | Software/Firmware | Affected Versions | Remediated Versions | Link |
| NetWorker | NetWorker File-Level Recovery (FLR) | Versions 19.9 through 19.13.0.2 | Version 19.14 or later | NetWorker Downloads Area |
| NetWorker | NetWorker vCenter User Interface (VCUI) | Versions 19.9 through 19.13.0.2 | Version 19.14 or later | NetWorker Downloads Area |
Notes:
- The Affected Products and Remediation table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.
- Customers on all supported versions can upgrade directly to the remediated 19.14 release. Version 19.13.0.3 is planned for February 2026 for environments or product‑usage scenarios that require upgrading to a lower remediated release.
- Unless specified as impacted, the term “later releases” encompasses all NetWorker releases, under standard support, that are of a higher minor or major version than the specified release. Dell recommends that you always upgrade to the latest release/version for your product.
- Platforms: Windows & Linux (All variants and flavors are impacted).
Soluciones alternativas y mitigaciones
None
Historial de revisiones
| Revision | Date | Description |
| 1.0 | 2026-02-09 | Initial Release |
Información relacionada
Descargo de responsabilidad
Productos afectados
NetWorker Family, NetWorkerPropiedades del artículo
Número del artículo: 000425759
Tipo de artículo: Dell Security Advisory
Última modificación: 09 feb 2026
Encuentre respuestas a sus preguntas de otros usuarios de Dell
Servicios de soporte
Compruebe si el dispositivo está cubierto por los servicios de soporte.