Vulnerabilities (CVE)

Filtered by vendor Dell Subscribe
Filtered by product Networker
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-22432 1 Dell 1 Networker 2024-11-21 N/A 7.8 HIGH
Networker 19.9 and all prior versions contains a Plain-text Password stored in temporary config file during backup duration in NMDA MySQL Database backups. User has low privilege access to Networker Client system could potentially exploit this vulnerability, leading to the disclosure of configured MySQL Database user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application Database with privileges of the compromised account.
CVE-2023-28055 1 Dell 1 Networker 2024-11-21 N/A 8.8 HIGH
Dell NetWorker, Version 19.7 has an improper authorization vulnerability in the NetWorker client. An unauthenticated attacker within the same network could potentially exploit this by manipulating a command leading to gain of complete access to the server file further resulting in information leaks, denial of service, and arbitrary code execution. Dell recommends customers to upgrade at the earliest opportunity.
CVE-2023-25539 2 Dell, Linux 2 Networker, Linux Kernel 2024-11-21 N/A 8.4 HIGH
Dell NetWorker 19.6.1.2, contains an OS command injection Vulnerability in the NetWorker client. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application. This is a high severity vulnerability as the exploitation allows an attacker to take complete control of a system, so Dell recommends customers to upgrade at the earliest opportunity.
CVE-2023-24568 1 Dell 1 Networker 2024-11-21 N/A 5.0 MEDIUM
Dell NetWorker, contains an Improper Validation of Certificate with Host Mismatch vulnerability in Rabbitmq port which could disallow replacing CA signed certificates.