DSA-2021-280: Dell NetWorker Security Update for Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228, CVE-2021-45046, and CVE-2021-45105)
Summary: Dell NetWorker remediation is available for the Apache Log4j Remote Code Execution Vulnerability that may be exploited by malicious users to compromise the affected system. Dell Technologies recommends implementing this remediation as soon as possible in light of the critical severity of the vulnerability. ...
Acest articol se aplică pentru
Acest articol nu se aplică pentru
Acest articol nu este legat de un produs specific.
Acest articol nu acoperă toate versiunile de produs existente.
Impact
Critical
Details
| Third-party Component | CVEs | More information |
| Apache Log4j | CVE-2021-44228 | Apache Log4j Remote Code Execution  |
| CVE-2021-45046 CVE-2021-45105 |
| Third-party Component | CVEs | More information |
| Apache Log4j | CVE-2021-44228 | Apache Log4j Remote Code Execution |
| CVE-2021-45046 CVE-2021-45105 |
Produse afectate și măsuri de remediere
| Product | Affected Versions | Updated Versions | Link to Update |
| NetWorker Server |
19.5.x |
19.5.0.5,19.6.0 And Later Versions | https://www.dell.com/support/home/en-ca/product-support/product/networker/drivers |
| 19.4.x | 19.4.0.6 | ||
| NetWorker Virtual Edition | 19.5.x | 19.5.0.5,19.6.0 And Later Versions | https://www.dell.com/support/home/en-ca/product-support/product/networker/drivers Note: Only NVE for VMware and upgrade images are available for download. |
| 19.4.x | 19.4.0.6 |
Note:
- NetWorker Storage Node, NetWorker Client, NetWorker Management Console, NetWorker Management UI, NetWorker CloudBoost, and NetWorker vProxy are not vulnerable.
- NetWorker 19.1.x, 19.2.x, and 19.3.x are not vulnerable.
| Product | Affected Versions | Updated Versions | Link to Update |
| NetWorker Server |
19.5.x |
19.5.0.5,19.6.0 And Later Versions | https://www.dell.com/support/home/en-ca/product-support/product/networker/drivers |
| 19.4.x | 19.4.0.6 | ||
| NetWorker Virtual Edition | 19.5.x | 19.5.0.5,19.6.0 And Later Versions | https://www.dell.com/support/home/en-ca/product-support/product/networker/drivers Note: Only NVE for VMware and upgrade images are available for download. |
| 19.4.x | 19.4.0.6 |
Note:
- NetWorker Storage Node, NetWorker Client, NetWorker Management Console, NetWorker Management UI, NetWorker CloudBoost, and NetWorker vProxy are not vulnerable.
- NetWorker 19.1.x, 19.2.x, and 19.3.x are not vulnerable.
Revision History
| Revision | Date | Description |
| 1.0 | 2021-12-15 | Workaround |
| 1.1 | 2021-12-17 | Workaround update |
| 1.2 | 2021-12-23 | Patch added |
| 1.3 | 2021-12-27 | 19.3 added as not vulnerable |
| 1.4 | 2022-01-03 | updated additional CVE addressed |
| 1.5 | 2022-01-11 | added 19.6 release to Affected Products and Remediation table |
| 1.6 | 2022-01-14 | updated 19.4 release, removed workaround |
| 1.7 | 2022-11-29 | Minor change in Updated Version Section |
Related Information
Exonerare de răspundere
Produse afectate
NetWorker Family, NetWorker, Product Security InformationProprietăți articol
Article Number: 000194541
Article Type: Dell Security Advisory
Ultima modificare: 05 dec. 2022
Găsiți răspunsuri la întrebările dvs. de la alți utilizatori Dell
Servicii de asistență
Verificați dacă dispozitivul dvs. este acoperit de serviciile de asistență.