DSA-2024-423: Security Update for Dell NetWorker And NetWorker Management Console (NMC) Multiple Component Vulnerabilities
Resumen: Dell NetWorker And NetWorker Management Console (NMC) remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system. ...
Impacto
Critical
Detalles
|
Third-party Component |
CVEs |
More Information |
|
Apache HTTP Server |
CVE-2024-40898, CVE-2024-36387, CVE-2024-39884, CVE-2024-40725, CVE-2024-38472, CVE-2024-38473, CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477, CVE-2024-39573, CVE-2023-38709, CVE-2024-24795, CVE-2024-27316 |
See NVD link below for individual scores for each CVE. |
|
curl |
CVE-2023-46218, CVE-2023-46219 |
See NVD link below for individual scores for each CVE. |
|
Apache CXF |
CVE-2024-29736, CVE-2024-32007 |
See NVD link below for individual scores for each CVE. |
|
Apache Tomcat |
CVE-2024-24549, CVE-2024-23672, CVE-2024-34750 |
See NVD link below for individual scores for each CVE. |
Corrección y productos afectados
|
CVEs Addressed |
Product |
Software/Firmware |
Affected Versions |
Remediated Versions |
Link |
|
CVE-2024-40898, CVE-2024-36387, CVE-2024-39884, CVE-2024-40725, CVE-2024-38472, CVE-2024-38473, CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477, CVE-2024-39573, CVE-2023-38709, CVE-2024-24795, CVE-2024-27316 |
NetWorker |
NetWorker Management Console (NMC) |
Versions 19.11 through 19.11.0.1 |
Version 19.11.0.2 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVE-2024-40898, CVE-2024-36387, CVE-2024-39884, CVE-2024-40725, CVE-2024-38472, CVE-2024-38473, CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477, CVE-2024-39573, CVE-2023-38709, CVE-2024-24795, CVE-2024-27316 |
NetWorker |
NetWorker Management Console (NMC) |
Versions 19.10 through 19.10.0.4 |
Version 19.11.0.2, 19.10.0.5 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVE-2024-40898, CVE-2024-36387, CVE-2024-39884, CVE-2024-40725, CVE-2024-38472, CVE-2024-38473, CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477, CVE-2024-39573, CVE-2023-38709, CVE-2024-24795, CVE-2024-27316 |
NetWorker |
NetWorker Management Console (NMC) |
Versions 19.9 through 19.9.0.7 |
Version 19.11.0.2, 19.10.0.5 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVE-2024-40898, CVE-2024-36387, CVE-2024-39884, CVE-2024-40725, CVE-2024-38472, CVE-2024-38473, CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477, CVE-2024-39573, CVE-2023-38709, CVE-2024-24795, CVE-2024-27316 |
NetWorker |
NetWorker Management Console (NMC) |
Versions 19.8 through 19.8.0.4 |
Version 19.11.0.2, 19.10.0.5 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVE-2024-40898, CVE-2024-36387, CVE-2024-39884, CVE-2024-40725, CVE-2024-38472, CVE-2024-38473, CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477, CVE-2024-39573, CVE-2023-38709, CVE-2024-24795, CVE-2024-27316 |
NetWorker |
NetWorker Management Console (NMC) |
Versions prior to 19.8 |
Version 19.11.0.2, 19.10.0.5 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVE-2024-24549, CVE-2024-23672, CVE-2024-34750 |
NetWorker |
NetWorker Authentication Service, NetWorker Server |
Versions 19.11 through 19.11.0.1 |
Version 19.11.0.2 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVE-2024-24549, CVE-2024-23672, CVE-2024-34750 |
NetWorker |
NetWorker Authentication Service, NetWorker Server |
Versions 19.10 through 19.10.0.4 |
Version 19.11.0.2, 19.10.0.5 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVE-2024-24549, CVE-2024-23672, CVE-2024-34750 |
NetWorker |
NetWorker Authentication Service, NetWorker Server |
Versions 19.9 through 19.9.0.7 |
Version 19.11.0.2, 19.10.0.5 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVE-2024-24549, CVE-2024-23672, CVE-2024-34750 |
NetWorker |
NetWorker Authentication Service, NetWorker Server |
Versions 19.8 through 19.8.0.4 |
Version 19.11.0.2, 19.10.0.5 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVE-2024-24549, CVE-2024-23672, CVE-2024-34750 |
NetWorker |
NetWorker Authentication Service, NetWorker Server |
Versions prior to 19.8 |
Version 19.11.0.2, 19.10.0.5 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVE-2023-46218, CVE-2023-46219, CVE-2024-29736, CVE-2024-32007 |
NetWorker |
NetWorker Server |
Versions 19.11 through 19.11.0.1 |
Version 19.11.0.2 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVE-2023-46218, CVE-2023-46219, CVE-2024-29736, CVE-2024-32007 |
NetWorker |
NetWorker Server |
Versions 19.10 through 19.10.0.4 |
Version 19.11.0.2, 19.10.0.5 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVE-2023-46218, CVE-2023-46219, CVE-2024-29736, CVE-2024-32007 |
NetWorker |
NetWorker Server |
Versions 19.9 through 19.9.0.7 |
Version 19.11.0.2, 19.10.0.5 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVE-2023-46218, CVE-2023-46219, CVE-2024-29736, CVE-2024-32007 |
NetWorker |
NetWorker Server |
Versions 19.8 through 19.8.0.4 |
Version 19.11.0.2, 19.10.0.5 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVE-2023-46218, CVE-2023-46219, CVE-2024-29736, CVE-2024-32007 |
NetWorker |
NetWorker Server |
Versions prior to 19.8 |
Version 19.11.0.2, 19.10.0.5 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVEs Addressed |
Product |
Software/Firmware |
Affected Versions |
Remediated Versions |
Link |
|
CVE-2024-40898, CVE-2024-36387, CVE-2024-39884, CVE-2024-40725, CVE-2024-38472, CVE-2024-38473, CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477, CVE-2024-39573, CVE-2023-38709, CVE-2024-24795, CVE-2024-27316 |
NetWorker |
NetWorker Management Console (NMC) |
Versions 19.11 through 19.11.0.1 |
Version 19.11.0.2 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVE-2024-40898, CVE-2024-36387, CVE-2024-39884, CVE-2024-40725, CVE-2024-38472, CVE-2024-38473, CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477, CVE-2024-39573, CVE-2023-38709, CVE-2024-24795, CVE-2024-27316 |
NetWorker |
NetWorker Management Console (NMC) |
Versions 19.10 through 19.10.0.4 |
Version 19.11.0.2, 19.10.0.5 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVE-2024-40898, CVE-2024-36387, CVE-2024-39884, CVE-2024-40725, CVE-2024-38472, CVE-2024-38473, CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477, CVE-2024-39573, CVE-2023-38709, CVE-2024-24795, CVE-2024-27316 |
NetWorker |
NetWorker Management Console (NMC) |
Versions 19.9 through 19.9.0.7 |
Version 19.11.0.2, 19.10.0.5 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVE-2024-40898, CVE-2024-36387, CVE-2024-39884, CVE-2024-40725, CVE-2024-38472, CVE-2024-38473, CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477, CVE-2024-39573, CVE-2023-38709, CVE-2024-24795, CVE-2024-27316 |
NetWorker |
NetWorker Management Console (NMC) |
Versions 19.8 through 19.8.0.4 |
Version 19.11.0.2, 19.10.0.5 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVE-2024-40898, CVE-2024-36387, CVE-2024-39884, CVE-2024-40725, CVE-2024-38472, CVE-2024-38473, CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477, CVE-2024-39573, CVE-2023-38709, CVE-2024-24795, CVE-2024-27316 |
NetWorker |
NetWorker Management Console (NMC) |
Versions prior to 19.8 |
Version 19.11.0.2, 19.10.0.5 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVE-2024-24549, CVE-2024-23672, CVE-2024-34750 |
NetWorker |
NetWorker Authentication Service, NetWorker Server |
Versions 19.11 through 19.11.0.1 |
Version 19.11.0.2 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVE-2024-24549, CVE-2024-23672, CVE-2024-34750 |
NetWorker |
NetWorker Authentication Service, NetWorker Server |
Versions 19.10 through 19.10.0.4 |
Version 19.11.0.2, 19.10.0.5 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVE-2024-24549, CVE-2024-23672, CVE-2024-34750 |
NetWorker |
NetWorker Authentication Service, NetWorker Server |
Versions 19.9 through 19.9.0.7 |
Version 19.11.0.2, 19.10.0.5 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVE-2024-24549, CVE-2024-23672, CVE-2024-34750 |
NetWorker |
NetWorker Authentication Service, NetWorker Server |
Versions 19.8 through 19.8.0.4 |
Version 19.11.0.2, 19.10.0.5 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVE-2024-24549, CVE-2024-23672, CVE-2024-34750 |
NetWorker |
NetWorker Authentication Service, NetWorker Server |
Versions prior to 19.8 |
Version 19.11.0.2, 19.10.0.5 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVE-2023-46218, CVE-2023-46219, CVE-2024-29736, CVE-2024-32007 |
NetWorker |
NetWorker Server |
Versions 19.11 through 19.11.0.1 |
Version 19.11.0.2 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVE-2023-46218, CVE-2023-46219, CVE-2024-29736, CVE-2024-32007 |
NetWorker |
NetWorker Server |
Versions 19.10 through 19.10.0.4 |
Version 19.11.0.2, 19.10.0.5 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVE-2023-46218, CVE-2023-46219, CVE-2024-29736, CVE-2024-32007 |
NetWorker |
NetWorker Server |
Versions 19.9 through 19.9.0.7 |
Version 19.11.0.2, 19.10.0.5 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVE-2023-46218, CVE-2023-46219, CVE-2024-29736, CVE-2024-32007 |
NetWorker |
NetWorker Server |
Versions 19.8 through 19.8.0.4 |
Version 19.11.0.2, 19.10.0.5 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVE-2023-46218, CVE-2023-46219, CVE-2024-29736, CVE-2024-32007 |
NetWorker |
NetWorker Server |
Versions prior to 19.8 |
Version 19.11.0.2, 19.10.0.5 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
The Affected Products and Remediation table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.
- Platforms: Windows & Linux (All variants and flavors are impacted)
- Versions prior to 19.8 mean versions 19.7.x, 19.6.x, 19.5.x family of releases that are still under standard support. For more information on Dell End-of-Life Documents for converged infrastructure, midrange and enterprise storage, and storage networking products kindly refer to: https://www.dell.com/support/kbdoc/000185734/all-dell-emc-end-of-life-documents?lang=en
- Unless specified as impacted, the term “later releases” encompasses all NetWorker releases, under standard support, that are of a higher minor or major version than the specified release.
- Dell advises that you consistently upgrade to the most recent release/version of your product.
- The security advisory has been updated in light of the release of Version 19.11.0.2, customers have the option to upgrade to any of the versions/releases specified in the "Affected Products and Remediation" section
Historial de revisiones
|
Revision |
Date |
Description |
|
1.0 |
2024-10-11 |
Initial Release |
|
2.0 |
2024-11-04 |
The security advisory has been updated in light of the release of Version 19.11.0.2 |