DSA-2023-155: Security Update for Dell NetWorker Spring Security Vulnerabilities

Tabla de contenido

Artículo detallado

Impacto

Corrección y productos afectados

Historial de revisiones

Información relacionada

Descargo de responsabilidad

Productos afectados

Deje sus comentarios

Resumen: Dell NetWorker remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

Este artículo se aplica a Este artículo no se aplica a Este artículo no está vinculado a ningún producto específico. No se identifican todas las versiones del producto en este artículo.

Consulte estos recursos

Impacto

Critical

Detalles

Third-party Component	CVEs	More Information
Spring Security	CVE-2022-22978, CVE-2022-31692	See NVD link below for individual scores for each CVE. http://nvd.nist.gov/

Dell Technologies recomienda que todos los clientes tengan en cuenta tanto la puntuación base como cualquier otra puntuación ambiental y temporal relevante que pueda afectar la posible gravedad asociada con la vulnerabilidad de seguridad en particular.

Corrección y productos afectados

CVEs Addressed	Product	Software/Firmware	Affected Versions	Remediated Versions	Link
CVE-2022-22978, CVE-2022-31692	NetWorker	Auth-server, NWUI, VCUI and FLR	Versions 19.8 through 19.8.0.2	Versions 19.9 and later release, Version 19.8.0.3 and later release	https://www.dell.com/support/home/product-support/product/networker/drivers
CVE-2022-22978, CVE-2022-31692	NetWorker	Auth-server, NWUI, VCUI and FLR	Versions 19.7 through 19.7.0.5	Versions 19.9 and later release, Version 19.8.0.3 and later release	https://www.dell.com/support/home/product-support/product/networker/drivers
CVE-2022-22978, CVE-2022-31692	NetWorker	Auth-server, NWUI, VCUI and FLR	Versions 19.7.1	Versions 19.9 and later release, Version 19.8.0.3 and later release	https://www.dell.com/support/home/product-support/product/networker/drivers
CVE-2022-22978, CVE-2022-31692	NetWorker	Auth-server, NWUI, VCUI and FLR	Versions prior to 19.7	Versions 19.9 and later release, Version 19.8.0.3 and later release	https://www.dell.com/support/home/product-support/product/networker/drivers

CVEs Addressed	Product	Software/Firmware	Affected Versions	Remediated Versions	Link
CVE-2022-22978, CVE-2022-31692	NetWorker	Auth-server, NWUI, VCUI and FLR	Versions 19.8 through 19.8.0.2	Versions 19.9 and later release, Version 19.8.0.3 and later release	https://www.dell.com/support/home/product-support/product/networker/drivers
CVE-2022-22978, CVE-2022-31692	NetWorker	Auth-server, NWUI, VCUI and FLR	Versions 19.7 through 19.7.0.5	Versions 19.9 and later release, Version 19.8.0.3 and later release	https://www.dell.com/support/home/product-support/product/networker/drivers
CVE-2022-22978, CVE-2022-31692	NetWorker	Auth-server, NWUI, VCUI and FLR	Versions 19.7.1	Versions 19.9 and later release, Version 19.8.0.3 and later release	https://www.dell.com/support/home/product-support/product/networker/drivers
CVE-2022-22978, CVE-2022-31692	NetWorker	Auth-server, NWUI, VCUI and FLR	Versions prior to 19.7	Versions 19.9 and later release, Version 19.8.0.3 and later release	https://www.dell.com/support/home/product-support/product/networker/drivers

The Affected Products and Remediation table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.

Platforms: Windows & Linux (All variants and flavors are impacted)
Versions prior to 19.7 means versions 19.6.x, 19.5.x, 19.4.x family of releases that are still under standard support. For more information on Dell End-of-Life Documents for converged infrastructure, midrange and enterprise storage, and storage networking products kindly refer to: https://www.dell.com/support/kbdoc/000185734/all-dell-emc-end-of-life-documents?lang=e
Unless specified as impacted, the term “later release” encompasses all NetWorker releases under standard support that are of a "higher, minor or major" version than the specified release.

Historial de revisiones

Revision	Date	Description
1.0	2023-06-26	Initial Release
2.0	2023-06-27	Updated for enhanced presentation with no change to content
3.0	2023-08-28	Clarified and updated 19.8.0.3 version under remediated versions Also, updated Additional info section for further reference.
4.0	2023-09-01	Updated for enhanced presentation with no changes to content.

Información relacionada

Descargo de responsabilidad

Productos afectados

NetWorker Family, NetWorker, NetWorker Series, NetWorker Module

Número del artículo: 000215283

Tipo de artículo: Dell Security Advisory

Última modificación: 09 set. 2025

Compruebe si el dispositivo está cubierto por los servicios de soporte.

DSA-2023-155: Security Update for Dell NetWorker Spring Security Vulnerabilities

Resumen: Dell NetWorker remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

Impacto

Detalles

Corrección y productos afectados

Historial de revisiones

Información relacionada

Descargo de responsabilidad

Productos afectados

Propiedades del artículo

Encuentre respuestas a sus preguntas de otros usuarios de Dell

Servicios de soporte

Propiedades del artículo

Encuentre respuestas a sus preguntas de otros usuarios de Dell

Servicios de soporte