DSA-2026-024: Security Update for Dell NetWorker Multiple Third Party Component Vulnerabilities
Samenvatting: Dell NetWorker remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.
Dit artikel is van toepassing op
Dit artikel is niet van toepassing op
Dit artikel is niet gebonden aan een specifiek product.
Niet alle productversies worden in dit artikel vermeld.
Impact
Critical
Gegevens
| Third-party Component | CVEs | More Information |
| Angus Mail | CVE-2025-7962 | https://nvd.nist.gov/vuln/search |
| Apache Commons Configuration | CVE-2025-46392 | https://nvd.nist.gov/vuln/search |
| Apache Commons Lang | CVE-2025-48924 | https://nvd.nist.gov/vuln/search |
| Apache CXF | CVE-2024-29736, CVE-2024-32007, CVE-2025-23184, CVE-2024-41172, CVE-2025-48913 | https://nvd.nist.gov/vuln/search |
| Apache HttpClient | CVE-2020-13956, CVE-2014-3577, CVE-2015-5262, CVE-2012-5783 | https://nvd.nist.gov/vuln/search |
| Apache Tomcat | CVE-2025-31651, CVE-2025-31650, CVE-2025-48989 | https://nvd.nist.gov/vuln/search |
| FasterXML Jackson‑databind | CVE-2023-35116 | https://nvd.nist.gov/vuln/search |
| QOS.CH Logback | CVE-2025-11226 | https://nvd.nist.gov/vuln/search |
| Spring Framework | CVE-2025-41242, CVE-2025-41254, CVE-2025-22233, CVE-2025-41234 | https://nvd.nist.gov/vuln/search |
| Spring Security | CVE-2025-41248, CVE-2025-22228 | https://nvd.nist.gov/vuln/search |
Getroffen producten en herstel
| Product | Software/Firmware | Affected Versions | Remediated Versions | Link |
| NetWorker | NetWorker File-Level Recovery (FLR) | Versions 19.9 through 19.13.0.2 | Version 19.14 or later | NetWorker Downloads Area |
| NetWorker | NetWorker vCenter User Interface (VCUI) | Versions 19.9 through 19.13.0.2 | Version 19.14 or later | NetWorker Downloads Area |
| Product | Software/Firmware | Affected Versions | Remediated Versions | Link |
| NetWorker | NetWorker File-Level Recovery (FLR) | Versions 19.9 through 19.13.0.2 | Version 19.14 or later | NetWorker Downloads Area |
| NetWorker | NetWorker vCenter User Interface (VCUI) | Versions 19.9 through 19.13.0.2 | Version 19.14 or later | NetWorker Downloads Area |
Notes:
- The Affected Products and Remediation table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.
- Customers on all supported versions can upgrade directly to the remediated 19.14 release. Version 19.13.0.3 is planned for February 2026 for environments or product‑usage scenarios that require upgrading to a lower remediated release.
- Unless specified as impacted, the term “later releases” encompasses all NetWorker releases, under standard support, that are of a higher minor or major version than the specified release. Dell recommends that you always upgrade to the latest release/version for your product.
- Platforms: Windows & Linux (All variants and flavors are impacted).
Tijdelijke oplossingen en risicobeperking
None
Revisiegeschiedenis
| Revision | Date | Description |
| 1.0 | 2026-02-09 | Initial Release |
Verwante informatie
Juridische verklaring van afstand
Getroffen producten
NetWorker Family, NetWorkerArtikeleigenschappen
Artikelnummer: 000425759
Artikeltype: Dell Security Advisory
Laatst aangepast: 09 feb. 2026
Vind antwoorden op uw vragen via andere Dell gebruikers
Support Services
Controleer of uw apparaat wordt gedekt door Support Services.