DSA-2026-024: Security Update for Dell NetWorker Multiple Third Party Component Vulnerabilities

摘要: Dell NetWorker remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

影响

详情

受影响的产品和补救措施

解决方法和缓解措施

修订历史记录

法律免责声明

受影响的产品

提供反馈

本文适用于本文不适用于本文并非针对某种特定的产品。本文并非包含所有产品版本。

查看其他资源

影响

Critical

详情

Third-party Component	CVEs	More Information
Angus Mail	CVE-2025-7962	https://nvd.nist.gov/vuln/search
Apache Commons Configuration	CVE-2025-46392	https://nvd.nist.gov/vuln/search
Apache Commons Lang	CVE-2025-48924	https://nvd.nist.gov/vuln/search
Apache CXF	CVE-2024-29736, CVE-2024-32007, CVE-2025-23184, CVE-2024-41172, CVE-2025-48913	https://nvd.nist.gov/vuln/search
Apache HttpClient	CVE-2020-13956, CVE-2014-3577, CVE-2015-5262, CVE-2012-5783	https://nvd.nist.gov/vuln/search
Apache Tomcat	CVE-2025-31651, CVE-2025-31650, CVE-2025-48989	https://nvd.nist.gov/vuln/search
FasterXML Jackson‑databind	CVE-2023-35116	https://nvd.nist.gov/vuln/search
QOS.CH Logback	CVE-2025-11226	https://nvd.nist.gov/vuln/search
Spring Framework	CVE-2025-41242, CVE-2025-41254, CVE-2025-22233, CVE-2025-41234	https://nvd.nist.gov/vuln/search
Spring Security	CVE-2025-41248, CVE-2025-22228	https://nvd.nist.gov/vuln/search

Dell Technologies 建议所有客户考虑 CVSS 基本分数以及任何相关的时间和环境分数，这可能会影响与特定安全漏洞相关的潜在严重程度。

受影响的产品和补救措施

CVEs Addressed	Product	Software/Firmware	Affected Versions	Remediated Versions	Link
CVE-2024-29736, CVE-2024-32007, CVE-2025-23184, CVE-2024-41172, CVE-2020-13956, CVE-2014-3577, CVE-2015-5262, CVE-2012-5783, CVE-2023-35116, CVE-2025-7962, CVE-2025-48913, CVE-2025-11226, CVE-2025-41242, CVE-2025-41254, CVE-2025-22233, CVE-2025-41234, CVE-2025-48924, CVE-2025-46392, CVE-2025-41248, CVE-2025-22228	NetWorker	NetWorker File-Level Recovery (FLR)	Versions 19.9 through 19.13.0.2	Version 19.14 or later	NetWorker Downloads Area
CVE-2024-29736, CVE-2024-32007, CVE-2025-23184, CVE-2024-41172, CVE-2020-13956, CVE-2014-3577, CVE-2015-5262, CVE-2012-5783, CVE-2023-35116, CVE-2025-7962, CVE-2025-48913, CVE-2025-11226, CVE-2025-41242, CVE-2025-41254, CVE-2025-22233, CVE-2025-41234, CVE-2025-48924, CVE-2025-46392, CVE-2025-41248, CVE-2025-48989, CVE-2025-22228, CVE-2025-31651, CVE-2025-31650, CVE-2025-48989	NetWorker	NetWorker vCenter User Interface (VCUI)	Versions 19.9 through 19.13.0.2	Version 19.14 or later	NetWorker Downloads Area

CVEs Addressed	Product	Software/Firmware	Affected Versions	Remediated Versions	Link
CVE-2024-29736, CVE-2024-32007, CVE-2025-23184, CVE-2024-41172, CVE-2020-13956, CVE-2014-3577, CVE-2015-5262, CVE-2012-5783, CVE-2023-35116, CVE-2025-7962, CVE-2025-48913, CVE-2025-11226, CVE-2025-41242, CVE-2025-41254, CVE-2025-22233, CVE-2025-41234, CVE-2025-48924, CVE-2025-46392, CVE-2025-41248, CVE-2025-22228	NetWorker	NetWorker File-Level Recovery (FLR)	Versions 19.9 through 19.13.0.2	Version 19.14 or later	NetWorker Downloads Area
CVE-2024-29736, CVE-2024-32007, CVE-2025-23184, CVE-2024-41172, CVE-2020-13956, CVE-2014-3577, CVE-2015-5262, CVE-2012-5783, CVE-2023-35116, CVE-2025-7962, CVE-2025-48913, CVE-2025-11226, CVE-2025-41242, CVE-2025-41254, CVE-2025-22233, CVE-2025-41234, CVE-2025-48924, CVE-2025-46392, CVE-2025-41248, CVE-2025-48989, CVE-2025-22228, CVE-2025-31651, CVE-2025-31650, CVE-2025-48989	NetWorker	NetWorker vCenter User Interface (VCUI)	Versions 19.9 through 19.13.0.2	Version 19.14 or later	NetWorker Downloads Area

Notes:

The Affected Products and Remediation table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.
Customers on any supported versions/releases listed in the ‘Affected Products and Remediation’ section can upgrade directly to the remediated 19.14 release. Version 19.13.0.3, released on February 20, 2026, is provided for environments or usage scenarios that require a lower remediated release.
Unless specified as impacted, the term “later releases” encompasses all NetWorker releases, under standard support, that are of a higher minor or major version than the specified release. Dell recommends that you always upgrade to the latest release/version for your product.
Platforms: Windows & Linux (All variants and flavors are impacted).

解决方法和缓解措施

None

修订历史记录

Revision	Date	Description
1.0	2026-02-09	Initial Release
2.0	2026-02-12	Minor update to map CVEs to the respective NetWorker components
2.0	2026-03-11	Minor update announcing the release of version 19.13.0.3. See the Additional Information section.

法律免责声明

受影响的产品

NetWorker Family, NetWorker

文章编号: 000425759

文章类型: Dell Security Advisory

上次修改时间: 11 3月 2026

DSA-2026-024: Security Update for Dell NetWorker Multiple Third Party Component Vulnerabilities

摘要: Dell NetWorker remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

影响

详情

受影响的产品和补救措施

解决方法和缓解措施

修订历史记录

相关信息

法律免责声明

受影响的产品

影响

详情

受影响的产品和补救措施

解决方法和缓解措施

修订历史记录

相关信息

法律免责声明

受影响的产品

文章属性

从其他戴尔用户那里查找问题的答案

支持服务

文章属性

从其他戴尔用户那里查找问题的答案

支持服务

DSA-2026-024: Security Update for Dell NetWorker Multiple Third Party Component Vulnerabilities

摘要: Dell NetWorker remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

详细文章

影响

详情

受影响的产品和补救措施

解决方法和缓解措施

修订历史记录

相关信息

法律免责声明

受影响的产品

文章属性

从其他戴尔用户那里查找问题的答案

支持服务

文章属性

从其他戴尔用户那里查找问题的答案

支持服务