CVE-2023-25544
https://notcve.org/view.php?id=CVE-2023-25544
Dell NetWorker versions 19.5 and earlier contain 'Apache Tomcat' version disclosure vulnerability. A NetWorker server user with remote access to NetWorker clients may potentially exploit this vulnerability and may launch target-specific attacks. • https://www.dell.com/support/kbdoc/en-us/000210471/dsa-2023-058-dell-networker-security-update-for-version-disclosure-vulnerability • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-668: Exposure of Resource to Wrong Sphere •
CVE-2023-24567
https://notcve.org/view.php?id=CVE-2023-24567
Dell NetWorker versions 19.5 and earlier contain 'RabbitMQ' version disclosure vulnerability. A NetWorker server user with remote access to NetWorker clients may potentially exploit this vulnerability and may launch target-specific attacks. • https://www.dell.com/support/kbdoc/en-us/000210471/dsa-2023-058-dell-networker-security-update-for-version-disclosure-vulnerability • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-668: Exposure of Resource to Wrong Sphere •
CVE-2023-24576
https://notcve.org/view.php?id=CVE-2023-24576
EMC NetWorker may potentially be vulnerable to an unauthenticated remote code execution vulnerability in the NetWorker Client execution service (nsrexecd) irrespective of any auth used. • https://www.dell.com/support/kbdoc/en-us/000208258/dsa-2023-041-dell-networker-security-update-for-nsrdump-vulnerability • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2022-34368
https://notcve.org/view.php?id=CVE-2022-34368
Dell EMC NetWorker 19.2.1.x 19.3.x, 19.4.x, 19.5.x, 19.6.x and 19.7.0.0 contain an Improper Handling of Insufficient Permissions or Privileges vulnerability. Authenticated non admin user could exploit this vulnerability and gain access to restricted resources. Dell EMC NetWorker versiones 19.2.1.x 19.3.x, 19.4.x, 19.5.x, 19.6.x y 19.7.0.0, contienen una vulnerabilidad de Manejo Inapropiado de Permisos o Privilegios Insuficientes. Un usuario autenticado que no sea administrador podría aprovechar esta vulnerabilidad y conseguir acceso a recursos restringidos • https://www.dell.com/support/kbdoc/en-us/000201652/dsa-2022-194-dell-emc-networker-security-update-for-insufficient-privileges-vulnerability • CWE-280: Improper Handling of Insufficient Permissions or Privileges CWE-755: Improper Handling of Exceptional Conditions •
CVE-2022-29082
https://notcve.org/view.php?id=CVE-2022-29082
Dell EMC NetWorker versions 19.1.x, 19.1.0.x, 19.1.1.x, 19.2.x, 19.2.0.x, 19.2.1.x 19.3.x, 19.3.0.x, 19.4.x, 19.4.0.x, 19.5.x,19.5.0.x, 19.6 and 19.6.0.1 and 19.6.0.2 contain an Improper Validation of Certificate with Host Mismatch vulnerability in Rabbitmq port 5671 which could allow remote attackers to spoof certificates. Dell EMC NetWorker versiones 19.1.x, 19.1.0.x, 19.1.1.x, 19.2.x, 19.2.0.x, 19.2.1.x 19.3.x, 19.3.0.x, 19.4.x, 19.4.0.x, 19.5.x,19.5.0.x, 19.6 y 19.6.0.1 y 19. 6.0.2, contienen una vulnerabilidad de comprobación inapropiada de certificado con desajuste de host en el puerto 5671 de Rabbitmq que podría permitir a atacantes remotos falsificar certificados • https://www.dell.com/support/kbdoc/000198987 • CWE-295: Improper Certificate Validation CWE-297: Improper Validation of Certificate with Host Mismatch •