CVE-2023-28055
published 2023-09-27CVE-2023-28055: Dell NetWorker, Version 19.7 has an improper authorization vulnerability in the NetWorker client. An unauthenticated attacker within the same network could…
PriorityP350high8.8CVSS 3.1
AVAACLPRNUINSUCHIHAH
EPSS
0.34%
25.3th percentile
Dell NetWorker, Version 19.7 has an improper authorization vulnerability in the NetWorker client. An unauthenticated attacker within the same network could potentially exploit this by manipulating a command leading to gain of complete access to the server file further resulting in information leaks, denial of service, and arbitrary code execution. Dell recommends customers to upgrade at the earliest opportunity.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| dell | networker | — | — |
| dell | networker | — | — |
| dell | networker | — | — |
| dell | networker | — | — |
| dell | networker | — | — |
| dell | networker | >= 19.7 < 19.7.0.5 | 19.7.0.5 |
| dell | networker | >= 19.8 < 19.8.0.3 | 19.8.0.3 |
| dell | networker | >= 19.9 < 19.9.0.2 | 19.9.0.2 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2023-09-27
Published