DSA-2024-477: Security Update for Dell NetWorker Runtime Environment (NRE) Multiple Component Vulnerabilities
Sommaire: Dell NetWorker Runtime Environment (NRE) remediation is available for multiple vulnerabilities that could be exploited by malicious users to compromise the affected system.
Cet article s’applique à
Cet article ne s’applique pas à
Cet article n’est lié à aucun produit spécifique.
Toutes les versions de produits ne sont pas identifiées dans cet article.
Impact
High
Détails
|
Third-party Component |
CVEs |
More Information |
|
Java SE Embedded |
CVE-2023-42950, CVE-2024-25062, CVE-2024-21235, CVE-2024-21210, CVE-2024-21208, CVE-2024-21217 |
See NVD link below for individual scores for each CVE. |
|
Proprietary Code CVEs |
Description |
CVSS Base Score |
CVSS Vector String |
|
CVE-2024-47476 |
Dell NetWorker Management Console, version(s) 19.11, contain(s) an Improper Verification of Cryptographic Signature vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Code execution. |
7.8 |
|
Proprietary Code CVEs |
Description |
CVSS Base Score |
CVSS Vector String |
|
CVE-2024-47476 |
Dell NetWorker Management Console, version(s) 19.11, contain(s) an Improper Verification of Cryptographic Signature vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Code execution. |
7.8 |
Produits touchés et correction
|
CVEs Addressed |
Product |
Software/Firmware |
Affected Versions |
Remediated Versions |
Link |
|
CVE-2023-42950, CVE-2024-25062, CVE-2024-21235, CVE-2024-21210, CVE-2024-21208, CVE-2024-21217 |
Dell NetWorker Runtime Environment (NRE) |
NetWorker Runtime Environment (NRE) |
Version NRE 8.0.22 |
Version NRE 8.0.23 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVE-2024-47476 |
Dell NetWorker Runtime Environment (NRE) |
NetWorker Management Console |
Version NRE 8.0.22 |
Version NRE 8.0.23 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVEs Addressed |
Product |
Software/Firmware |
Affected Versions |
Remediated Versions |
Link |
|
CVE-2023-42950, CVE-2024-25062, CVE-2024-21235, CVE-2024-21210, CVE-2024-21208, CVE-2024-21217 |
Dell NetWorker Runtime Environment (NRE) |
NetWorker Runtime Environment (NRE) |
Version NRE 8.0.22 |
Version NRE 8.0.23 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVE-2024-47476 |
Dell NetWorker Runtime Environment (NRE) |
NetWorker Management Console |
Version NRE 8.0.22 |
Version NRE 8.0.23 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
The Affected Products and Remediation table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.
- Platforms: Windows & Linux (All variants and flavors are impacted)
- Unless specified as impacted, the term “later releases” encompasses all NetWorker releases, under standard support, that are of a higher minor or major version than the specified release.
- Dell advises that you consistently upgrade to the most recent release/version of your product.
Historique de révision
|
Revision |
Date |
Description |
|
1.0 |
2024-12-03 |
Initial Release |
Renseignements connexes
Avis de non-responsabilité
Produits touchés
NetWorker Family, NetWorker, NetWorker Management ConsolePropriétés de l’article
Numéro d’article: 000255884
Type d’article: Dell Security Advisory
Dernière modification: 09 sept. 2025
Obtenez des réponses à vos questions auprès d’autre utilisateurs de Dell
Services de soutien
Vérifiez si votre appareil est couvert par les services de soutien.