DSA-2025-268: Security Update for Dell NetWorker Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade') Vulnerability
Resumen: Dell NetWorker remediation is available for selection of less-secure algorithm during negotiation ('algorithm downgrade') vulnerability that could be exploited by malicious users to compromise the affected system. ...
Este artículo se aplica a
Este artículo no se aplica a
Este artículo no está vinculado a ningún producto específico.
No se identifican todas las versiones del producto en este artículo.
Impacto
Medium
Detalles
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
| CVE-2025-36582 | Dell NetWorker, versions prior to 19.13.0.0, contains a Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure. | 4.8 | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N |
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
| CVE-2025-36582 | Dell NetWorker, versions prior to 19.13.0.0, contains a Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure. | 4.8 | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N |
Corrección y productos afectados
| Product | Software/Firmware | Affected Versions | Remediated Versions | Link |
| NetWorker | NetWorker Management Console, NetWorker Web UI, NetWorker Authentication Service | Versions prior to 19.13.0.0 | Version 19.13.0.0 or later | NetWorker Downloads Area |
| Product | Software/Firmware | Affected Versions | Remediated Versions | Link |
| NetWorker | NetWorker Management Console, NetWorker Web UI, NetWorker Authentication Service | Versions prior to 19.13.0.0 | Version 19.13.0.0 or later | NetWorker Downloads Area |
Notes:
- The Affected Products and Remediation table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.
- Versions prior to 19.13.0.0 means 19.12.x, 19.11.x, 19.10.x, 19.9.x, and 19.8.x family of releases that are still under standard support. For more information refer to Dell End-of-Life Product List for Converged Infrastructure and Storage.
- Unless specified as impacted, the term “later releases” encompasses all NetWorker releases, under standard support, that are of a higher minor or major version than the specified release. Dell recommends that you always upgrade to the latest release/version for your product.
- Platforms: Windows & Linux (All variants and flavors are impacted).
Soluciones alternativas y mitigaciones
None
Historial de revisiones
| Revision | Date | Description |
| 1.0 | 2025-07-01 | Initial Release |
| 2.0 | 2025-08-19 | Updated the 'Affected and Remediated Versions' and 'Additional Information' sections |
| 3.0 | 2025-12-31 |
Updated the CVE description to clarify the impact
|
Información relacionada
Descargo de responsabilidad
Productos afectados
NetWorker FamilyPropiedades del artículo
Número del artículo: 000338757
Tipo de artículo: Dell Security Advisory
Última modificación: 31 dic 2025
Encuentre respuestas a sus preguntas de otros usuarios de Dell
Servicios de soporte
Compruebe si el dispositivo está cubierto por los servicios de soporte.