DSA-2025-268: Security Update for Dell NetWorker Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade') Vulnerability
摘要: Dell NetWorker remediation is available for selection of less-secure algorithm during negotiation ('algorithm downgrade') vulnerability that could be exploited by malicious users to compromise the affected system. ...
本文章適用於
本文章不適用於
本文無關於任何特定產品。
本文未識別所有產品版本。
影響
Medium
詳細資料
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
| CVE-2025-36582 | Dell NetWorker, versions 19.12.0.1 and prior, contains a Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure. | 4.8 | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N |
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
| CVE-2025-36582 | Dell NetWorker, versions 19.12.0.1 and prior, contains a Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure. | 4.8 | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N |
受影響的產品與補救措施
| Product | Software/Firmware | Affected Versions | Remediated Versions | Link |
| NetWorker | NetWorker Management Console, NetWorker Web UI, NetWorker Authentication Service | Versions prior to 19.13 | Version 19.13 or later | NetWorker Downloads Area |
| Product | Software/Firmware | Affected Versions | Remediated Versions | Link |
| NetWorker | NetWorker Management Console, NetWorker Web UI, NetWorker Authentication Service | Versions prior to 19.13 | Version 19.13 or later | NetWorker Downloads Area |
Notes:
- The Affected Products and Remediation table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.
- Versions prior to 19.13 means 19.12.x, 19.11.x, 19.10.x, 19.9.x, 19.8.x, 19.7.x, 19.6.x, 19.5.x, and 19.4.x family of releases that are still under standard support. For more information on Dell End-of-Life Documents for converged infrastructure, midrange and enterprise storage, and storage networking products refer to Dell End-of-Life Product List for Converged Infrastructure and Storage.
- Unless specified as impacted, the term “later releases” encompasses all NetWorker releases, under standard support, that are of a higher minor or major version than the specified release. Dell recommends that you always upgrade to the latest release/version for your product.
- Platforms: Windows & Linux (All variants and flavors are impacted).
因應措施與緩解措施
None
修訂歷史記錄
| Revision | Date | Description |
| 1.0 | 2025-07-01 | Initial Release |
| 2.0 | 2025-08-19 | Updated the 'Affected and Remediated Versions' and 'Additional Information' sections |
相關資訊
法律免責聲明
受影響的產品
NetWorker Family文章屬性
文章編號: 000338757
文章類型: Dell Security Advisory
上次修改時間: 19 8月 2025
向其他 Dell 使用者尋求您問題的答案
支援服務
檢查您的裝置是否在支援服務的涵蓋範圍內。