DSA-2025-269: Security Update for Dell NetWorker Multiple Third-party Component Vulnerabilities
Resumen: Dell NetWorker remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.
Este artículo se aplica a
Este artículo no se aplica a
Este artículo no está vinculado a ningún producto específico.
No se identifican todas las versiones del producto en este artículo.
Impacto
Critical
Detalles
| Third-party Component | CVEs | More Information |
| Libxml | CVE-2016-4448, CVE-2017-7376, CVE-2016-4658, CVE-2017-7375, CVE-2015-8710, CVE-2017-16931, CVE-2011-1944, CVE-2021-3518, CVE-2017-5130, CVE-2017-15412, CVE-2016-5131, CVE-2021-3517, CVE-2016-1762, CVE-2016-1834, CVE-2022-40304, CVE-2016-1840, CVE-2015-6837, CVE-2016-4483, CVE-2015-8806, CVE-2016-3627, CVE-2024-25062, CVE-2016-4447, CVE-2010-4494, CVE-2018-14404, CVE-2015-6838, CVE-2022-40303, CVE-2017-16932, CVE-2019-19956, CVE-2022-23308, CVE-2015-5312, CVE-2016-4449, CVE-2012-5134, CVE-2013-0339, CVE-2012-2871, CVE-2016-9596, CVE-2023-45322, CVE-2016-2073, CVE-2017-18258, CVE-2016-9598, CVE-2023-29469, CVE-2021-3541, CVE-2022-29824, CVE-2023-28484, CVE-2015-8241, CVE-2021-3537, CVE-2015-8242, CVE-2016-1836, CVE-2016-1838, CVE-2016-1839, CVE-2016-1837, CVE-2016-1833, CVE-2016-9318, CVE-2015-7500, CVE-2014-3660, CVE-2015-7499, CVE-2012-0841, CVE-2013-2877, CVE-2015-7497, CVE-2015-7498, CVE-2015-8317, CVE-2013-0338, CVE-2010-4008 | https://nvd.nist.gov/vuln/search |
| OpenSSL | CVE-2022-1292, CVE-2022-2068, CVE-2023-4807, CVE-2023-0215, CVE-2022-4450, CVE-2023-0464, CVE-2023-0286, CVE-2023-2650, CVE-2022-4304, CVE-2024-0727, CVE-2023-0465, CVE-2023-0466, CVE-2023-5678, CVE-2023-3817, CVE-2022-2097 | https://nvd.nist.gov/vuln/search |
Corrección y productos afectados
| Product | Software/Firmware | Affected Versions | Remediated Versions | Link |
| NetWorker | NetWorker Server, Networker Client, Networker Storage | Version Prior to 19.13 | Version 19.13 or later | NetWorker Downloads Area |
| Product | Software/Firmware | Affected Versions | Remediated Versions | Link |
| NetWorker | NetWorker Server, Networker Client, Networker Storage | Version Prior to 19.13 | Version 19.13 or later | NetWorker Downloads Area |
Notes:
- The Affected Products and Remediation table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.
- Versions prior to 19.13 means 19.12.x, 19.11.x, 19.10.x, 19.9.x, 19.8.x, and 19.7.x family of releases that are still under standard support. For more refer to Dell End-of-Life Product List for Converged Infrastructure and Storage.
- Unless specified as impacted, the term “later releases” encompasses all NetWorker releases, under standard support, that are of a higher minor or major version than the specified release. Dell recommends that you always upgrade to the latest release/version for your product.
- Starting with NetWorker version 19.3, support for Flexera licensing has been discontinued due to end-of-life status. Networker has transitioned to a framework supporting both XML served and unserved licensing models. Refer to Dell NetWorker 19.13 Licensing Guide for more information.
- Platforms: Windows & Linux (All variants and flavors are impacted).
Soluciones alternativas y mitigaciones
None
Historial de revisiones
| Revision | Date | Description |
| 1.0 | 2025-07-01 | Initial Release |
| 2.0 | 2025-08-19 | Updated the 'Affected and Remediated Versions' and 'Additional Information' sections |
| 3.0 | 2025-12-02 | Removed cJSON utils CVE-2023-50471, CVE-2023-50472, CVE-2024-31755, and CVE-2023-53154 |
Información relacionada
Descargo de responsabilidad
Productos afectados
NetWorker FamilyPropiedades del artículo
Número del artículo: 000338743
Tipo de artículo: Dell Security Advisory
Última modificación: 02 dic. 2025
Encuentre respuestas a sus preguntas de otros usuarios de Dell
Servicios de soporte
Compruebe si el dispositivo está cubierto por los servicios de soporte.