DSA-2024-477: Security Update for Dell NetWorker Runtime Environment (NRE) Multiple Component Vulnerabilities
Sammendrag: Dell NetWorker Runtime Environment (NRE) remediation is available for multiple vulnerabilities that could be exploited by malicious users to compromise the affected system.
Denne artikkelen gjelder for
Denne artikkelen gjelder ikke for
Denne artikkelen er ikke knyttet til noe bestemt produkt.
Det er ikke produktversjonene som identifiseres i denne artikkelen.
Påvirkning
High
Detaljer
|
Third-party Component |
CVEs |
More Information |
|
Java SE Embedded |
CVE-2023-42950, CVE-2024-25062, CVE-2024-21235, CVE-2024-21210, CVE-2024-21208, CVE-2024-21217 |
See NVD link below for individual scores for each CVE. |
|
Proprietary Code CVEs |
Description |
CVSS Base Score |
CVSS Vector String |
|
CVE-2024-47476 |
Dell NetWorker Management Console, version(s) 19.11, contain(s) an Improper Verification of Cryptographic Signature vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Code execution. |
7.8 |
|
Proprietary Code CVEs |
Description |
CVSS Base Score |
CVSS Vector String |
|
CVE-2024-47476 |
Dell NetWorker Management Console, version(s) 19.11, contain(s) an Improper Verification of Cryptographic Signature vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Code execution. |
7.8 |
Berørte produkter og utbedring
|
CVEs Addressed |
Product |
Software/Firmware |
Affected Versions |
Remediated Versions |
Link |
|
CVE-2023-42950, CVE-2024-25062, CVE-2024-21235, CVE-2024-21210, CVE-2024-21208, CVE-2024-21217 |
Dell NetWorker Runtime Environment (NRE) |
NetWorker Runtime Environment (NRE) |
Version NRE 8.0.22 |
Version NRE 8.0.23 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVE-2024-47476 |
Dell NetWorker Runtime Environment (NRE) |
NetWorker Management Console |
Version NRE 8.0.22 |
Version NRE 8.0.23 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVEs Addressed |
Product |
Software/Firmware |
Affected Versions |
Remediated Versions |
Link |
|
CVE-2023-42950, CVE-2024-25062, CVE-2024-21235, CVE-2024-21210, CVE-2024-21208, CVE-2024-21217 |
Dell NetWorker Runtime Environment (NRE) |
NetWorker Runtime Environment (NRE) |
Version NRE 8.0.22 |
Version NRE 8.0.23 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVE-2024-47476 |
Dell NetWorker Runtime Environment (NRE) |
NetWorker Management Console |
Version NRE 8.0.22 |
Version NRE 8.0.23 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
The Affected Products and Remediation table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.
- Platforms: Windows & Linux (All variants and flavors are impacted)
- Unless specified as impacted, the term “later releases” encompasses all NetWorker releases, under standard support, that are of a higher minor or major version than the specified release.
- Dell advises that you consistently upgrade to the most recent release/version of your product.
Endringshistorikk
|
Revision |
Date |
Description |
|
1.0 |
2024-12-03 |
Initial Release |
Relatert informasjon
Juridisk ansvarsfraskrivelse
Berørte produkter
NetWorker Family, NetWorker, NetWorker Management ConsoleArtikkelegenskaper
Artikkelnummer: 000255884
Artikkeltype: Dell Security Advisory
Sist endret: 09 sep. 2025
Få svar på spørsmålene dine fra andre Dell-brukere
Støttetjenester
Sjekk om enheten din er dekket av støttetjenestene.