Vulnerabilities > CVE-2023-28055 - Unspecified vulnerability in Dell Networker

CVSS 8.8 - HIGH

Attack vector

ADJACENT_NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

low complexity

dell

NVD

Published: 2023-09-27

Updated: 2024-11-21

Summary

Dell NetWorker, Version 19.7 has an improper authorization vulnerability in the NetWorker client. An unauthenticated attacker within the same network could potentially exploit this by manipulating a command leading to gain of complete access to the server file further resulting in information leaks, denial of service, and arbitrary code execution. Dell recommends customers to upgrade at the earliest opportunity.

Vulnerable Configurations

Part	Description	Count
Application	Dell Dell Networker 19.7.1 Dell Networker 19.7 Dell Networker 19.7.0.3 Dell Networker 19.7.0.4 Dell Networker 19.8 Dell Networker 19.8.0.0 Dell Networker 19.9	7

References

https://www.dell.com/support/kbdoc/en-us/000218003/dsa-2023-294-security-update-for-dell-networker-nw-client-vulnerabilities
https://www.dell.com/support/kbdoc/en-us/000218003/dsa-2023-294-security-update-for-dell-networker-nw-client-vulnerabilities