Networker 19.9 and all prior versions contains a Plain-text Password stored in temporary config file during backup duration in NMDA MySQL Database backups. User has low privilege access to Networker Client system could potentially exploit this vulnerability, leading to the disclosure of configured MySQL Database user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application Database with privileges of the compromised account.
References
Configurations
History
21 Nov 2024, 08:56
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.dell.com/support/kbdoc/en-us/000221474/dsa-2024-059-security-update-for-dell-networker-multiple-components-vulnerabilities - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
01 Feb 2024, 17:00
Type | Values Removed | Values Added |
---|---|---|
First Time |
Dell
Dell networker |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
References | () https://www.dell.com/support/kbdoc/en-us/000221474/dsa-2024-059-security-update-for-dell-networker-multiple-components-vulnerabilities - Vendor Advisory | |
CWE | CWE-522 | |
CPE | cpe:2.3:a:dell:networker:*:*:*:*:*:*:*:* |
25 Jan 2024, 15:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-01-25 15:15
Updated : 2024-11-21 08:56
NVD link : CVE-2024-22432
Mitre link : CVE-2024-22432
CVE.ORG link : CVE-2024-22432
JSON object : View
Products Affected
dell
- networker