Headline
CVE-2023-25544: DSA-2023-058: Dell NetWorker Security Update for Version Disclosure Vulnerability
Dell NetWorker versions 19.5 and earlier contain ‘Apache Tomcat’ version disclosure vulnerability. A NetWorker server user with remote access to NetWorker clients may potentially exploit this vulnerability and may launch target-specific attacks.
Vaikutus
High
Tiedot
Proprietary Code CVEs
Description
CVSS Base Score
CVSS Vector String
CVE-2023-25544
Dell NetWorker versions 19.5 and earlier contain ‘Apache Tomcat’ version disclosure vulnerability. A NetWorker server user with remote access to NetWorker clients may potentially exploit this vulnerability and may launch target-specific attacks.
7.5
High
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2023-24567
Dell NetWorker versions 19.5 and earlier contain ‘RabbitMQ’ version disclosure vulnerability. A NetWorker server user with remote access to NetWorker clients may potentially exploit this vulnerability and may launch target-specific attacks.
7.5
High
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Proprietary Code CVEs
Description
CVSS Base Score
CVSS Vector String
CVE-2023-25544
Dell NetWorker versions 19.5 and earlier contain ‘Apache Tomcat’ version disclosure vulnerability. A NetWorker server user with remote access to NetWorker clients may potentially exploit this vulnerability and may launch target-specific attacks.
7.5
High
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2023-24567
Dell NetWorker versions 19.5 and earlier contain ‘RabbitMQ’ version disclosure vulnerability. A NetWorker server user with remote access to NetWorker clients may potentially exploit this vulnerability and may launch target-specific attacks.
7.5
High
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Dell Technologies suosittelee, että kaikki asiakkaat ottavat huomioon sekä CVSS-peruspistemäärän että kaikki asiaankuuluvat väliaikaiset ja ympäristöön liittyvät pisteet, jotka voivat vaikuttaa tietyn tietoturvahaavoittuvuuden mahdolliseen vakavuuteen.
Tuotteet, joihin asia vaikuttaa ja tilanteen korjaaminen
CVEs Addressed
Product
Affected Versions
Updated Versions
Applicable platforms
Link to Update
CVE-2023-25544
Dell NetWorker,
NVE
19.5 and earlier versions
19.6 and later versions
Windows,
Linux (CentOS, OEL, SuSE, Red Hat Enterprise Linux, Debian, Ubuntu, Fedora)
https://www.dell.com/support/home/en-ca/product-support/product/networker/drivers
CVE-2023-24567
NOTE: Impacted components: NetWorker AuthC, NetWorker Server.
CVEs Addressed
Product
Affected Versions
Updated Versions
Applicable platforms
Link to Update
CVE-2023-25544
Dell NetWorker,
NVE
19.5 and earlier versions
19.6 and later versions
Windows,
Linux (CentOS, OEL, SuSE, Red Hat Enterprise Linux, Debian, Ubuntu, Fedora)
https://www.dell.com/support/home/en-ca/product-support/product/networker/drivers
CVE-2023-24567
NOTE: Impacted components: NetWorker AuthC, NetWorker Server.
Versiohistoria
Revision
Date
Description
1.0
2023-03-01
Initial Release
Asiaan liittyvät tiedot
Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide
NetWorker Family, NetWorker, NetWorker Series, NetWorker Module, Product Security Information
01 maalisk. 2023