DSA-2024-477: Security Update for Dell NetWorker Runtime Environment (NRE) Multiple Component Vulnerabilities
摘要: Dell NetWorker Runtime Environment (NRE) remediation is available for multiple vulnerabilities that could be exploited by malicious users to compromise the affected system.
本文章適用於
本文章不適用於
本文無關於任何特定產品。
本文未識別所有產品版本。
影響
High
詳細資料
|
Third-party Component |
CVEs |
More Information |
|
Java SE Embedded |
CVE-2023-42950, CVE-2024-25062, CVE-2024-21235, CVE-2024-21210, CVE-2024-21208, CVE-2024-21217 |
See NVD link below for individual scores for each CVE. |
|
Proprietary Code CVEs |
Description |
CVSS Base Score |
CVSS Vector String |
|
CVE-2024-47476 |
Dell NetWorker Management Console, version(s) 19.11, contain(s) an Improper Verification of Cryptographic Signature vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Code execution. |
7.8 |
|
Proprietary Code CVEs |
Description |
CVSS Base Score |
CVSS Vector String |
|
CVE-2024-47476 |
Dell NetWorker Management Console, version(s) 19.11, contain(s) an Improper Verification of Cryptographic Signature vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Code execution. |
7.8 |
受影響的產品與補救措施
|
CVEs Addressed |
Product |
Software/Firmware |
Affected Versions |
Remediated Versions |
Link |
|
CVE-2023-42950, CVE-2024-25062, CVE-2024-21235, CVE-2024-21210, CVE-2024-21208, CVE-2024-21217 |
Dell NetWorker Runtime Environment (NRE) |
NetWorker Runtime Environment (NRE) |
Version NRE 8.0.22 |
Version NRE 8.0.23 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVE-2024-47476 |
Dell NetWorker Runtime Environment (NRE) |
NetWorker Management Console |
Version NRE 8.0.22 |
Version NRE 8.0.23 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVEs Addressed |
Product |
Software/Firmware |
Affected Versions |
Remediated Versions |
Link |
|
CVE-2023-42950, CVE-2024-25062, CVE-2024-21235, CVE-2024-21210, CVE-2024-21208, CVE-2024-21217 |
Dell NetWorker Runtime Environment (NRE) |
NetWorker Runtime Environment (NRE) |
Version NRE 8.0.22 |
Version NRE 8.0.23 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
|
CVE-2024-47476 |
Dell NetWorker Runtime Environment (NRE) |
NetWorker Management Console |
Version NRE 8.0.22 |
Version NRE 8.0.23 or later |
https://www.dell.com/support/home/product-support/product/networker/drivers |
The Affected Products and Remediation table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.
- Platforms: Windows & Linux (All variants and flavors are impacted)
- Unless specified as impacted, the term “later releases” encompasses all NetWorker releases, under standard support, that are of a higher minor or major version than the specified release.
- Dell advises that you consistently upgrade to the most recent release/version of your product.
修訂歷史記錄
|
Revision |
Date |
Description |
|
1.0 |
2024-12-03 |
Initial Release |
相關資訊
法律免責聲明
受影響的產品
NetWorker Family, NetWorker, NetWorker Management Console文章屬性
文章編號: 000255884
文章類型: Dell Security Advisory
上次修改時間: 09 9月 2025
向其他 Dell 使用者尋求您問題的答案
支援服務
檢查您的裝置是否在支援服務的涵蓋範圍內。