cbcvebase.
CVE-2023-28055
published 2023-09-27

CVE-2023-28055: Dell NetWorker, Version 19.7 has an improper authorization vulnerability in the NetWorker client. An unauthenticated attacker within the same network could…

PriorityP350high8.8CVSS 3.1
AVAACLPRNUINSUCHIHAH
EPSS
0.34%
25.3th percentile
Dell NetWorker, Version 19.7 has an improper authorization vulnerability in the NetWorker client. An unauthenticated attacker within the same network could potentially exploit this by manipulating a command leading to gain of complete access to the server file further resulting in information leaks, denial of service, and arbitrary code execution. Dell recommends customers to upgrade at the earliest opportunity.

Affected

8 ranges
VendorProductVersion rangeFixed in
dellnetworker
dellnetworker
dellnetworker
dellnetworker
dellnetworker
dellnetworker>= 19.7 < 19.7.0.519.7.0.5
dellnetworker>= 19.8 < 19.8.0.319.8.0.3
dellnetworker>= 19.9 < 19.9.0.219.9.0.2
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.