{ "document" : { "aggregate_severity" : { "text" : "hoch" }, "category" : "csaf_base", "csaf_version" : "2.0", "distribution" : { "tlp" : { "label" : "WHITE", "url" : "https://www.first.org/tlp/" } }, "lang" : "de-DE", "notes" : [ { "category" : "legal_disclaimer", "text" : "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen." }, { "category" : "description", "text" : "Dell NetWorker stellt zentralisiert Backup- und Recovery-Dienste bereit.", "title" : "Produktbeschreibung" }, { "category" : "summary", "text" : "Ein Angreifer kann mehrere Schwachstellen in Dell NetWorker ausnutzen, um Angriffe zu starten, die die Integrität, Vertraulichkeit und Verfügbarkeit von Systemen beeinträchtigen.", "title" : "Angriff" }, { "category" : "general", "text" : "- Sonstiges\n- UNIX\n- Windows", "title" : "Betroffene Betriebssysteme" } ], "publisher" : { "category" : "other", "contact_details" : "csaf-provider@cert-bund.de", "name" : "Bundesamt für Sicherheit in der Informationstechnik", "namespace" : "https://www.bsi.bund.de" }, "references" : [ { "category" : "self", "summary" : "WID-SEC-W-2026-0351 - CSAF Version", "url" : "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0351.json" }, { "category" : "self", "summary" : "WID-SEC-2026-0351 - Portal Version", "url" : "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0351" }, { "category" : "external", "summary" : "Dell Security Advisory DSA-2026-023 vom 2026-02-09", "url" : "https://www.dell.com/support/kbdoc/de-de/000425429/dsa-2026-023-security-update-for-dell-networker-multiple-third-party-component-vulnerabilities" }, { "category" : "external", "summary" : "Dell Security Advisory DSA-2026-024 vom 2026-02-09", "url" : "https://www.dell.com/support/kbdoc/de-de/000425759/dsa-2026-024-security-update-for-dell-networker-multiple-third-party-component-vulnerabilities" } ], "source_lang" : "en-US", "title" : "Dell NetWorker (Third Party Components): Mehrere Schwachstellen", "tracking" : { "current_release_date" : "2026-02-09T23:00:00.000+00:00", "generator" : { "date" : "2026-02-10T10:02:33.638+00:00", "engine" : { "name" : "BSI-WID", "version" : "1.5.0" } }, "id" : "WID-SEC-W-2026-0351", "initial_release_date" : "2026-02-09T23:00:00.000+00:00", "revision_history" : [ { "date" : "2026-02-09T23:00:00.000+00:00", "number" : "1", "summary" : "Initiale Fassung" } ], "status" : "final", "version" : "1" } }, "product_tree" : { "branches" : [ { "branches" : [ { "branches" : [ { "category" : "product_version_range", "name" : "AUTHC <19.14", "product" : { "name" : "Dell NetWorker AUTHC <19.14", "product_id" : "T050629" } }, { "category" : "product_version", "name" : "AUTHC 19.14", "product" : { "name" : "Dell NetWorker AUTHC 19.14", "product_id" : "T050629-fixed", "product_identification_helper" : { "cpe" : "cpe:/a:dell:networker:authc__19.14" } } }, { "category" : "product_version_range", "name" : "Management Console <19.14", "product" : { "name" : "Dell NetWorker Management Console <19.14", "product_id" : "T050630" } }, { "category" : "product_version", "name" : "Management Console 19.14", "product" : { "name" : "Dell NetWorker Management Console 19.14", "product_id" : "T050630-fixed", "product_identification_helper" : { "cpe" : "cpe:/a:dell:networker:management_console__19.14" } } }, { "category" : "product_version_range", "name" : "Management Web UI <19.14", "product" : { "name" : "Dell NetWorker Management Web UI <19.14", "product_id" : "T050631" } }, { "category" : "product_version", "name" : "Management Web UI 19.14", "product" : { "name" : "Dell NetWorker Management Web UI 19.14", "product_id" : "T050631-fixed", "product_identification_helper" : { "cpe" : "cpe:/a:dell:networker:management_web_ui__19.14" } } }, { "category" : "product_version_range", "name" : "REST API <19.14", "product" : { "name" : "Dell NetWorker REST API <19.14", "product_id" : "T050632" } }, { "category" : "product_version", "name" : "REST API 19.14", "product" : { "name" : "Dell NetWorker REST API 19.14", "product_id" : "T050632-fixed", "product_identification_helper" : { "cpe" : "cpe:/a:dell:networker:rest_api__19.14" } } }, { "category" : "product_version_range", "name" : "File-Level Recovery <19.14", "product" : { "name" : "Dell NetWorker File-Level Recovery <19.14", "product_id" : "T050633" } }, { "category" : "product_version", "name" : "File-Level Recovery 19.14", "product" : { "name" : "Dell NetWorker File-Level Recovery 19.14", "product_id" : "T050633-fixed", "product_identification_helper" : { "cpe" : "cpe:/a:dell:networker:file-level_recovery__19.14" } } }, { "category" : "product_version_range", "name" : "vCenter User Interface <19.14", "product" : { "name" : "Dell NetWorker vCenter User Interface <19.14", "product_id" : "T050634" } }, { "category" : "product_version", "name" : "vCenter User Interface 19.14", "product" : { "name" : "Dell NetWorker vCenter User Interface 19.14", "product_id" : "T050634-fixed", "product_identification_helper" : { "cpe" : "cpe:/a:dell:networker:vcenter_user_interface__19.14" } } } ], "category" : "product_name", "name" : "NetWorker" } ], "category" : "vendor", "name" : "Dell" } ] }, "vulnerabilities" : [ { "cve" : "CVE-2012-5783", "product_status" : { "known_affected" : [ "T050629", "T050634", "T050631", "T050630", "T050633", "T050632" ] }, "release_date" : "2026-02-09T23:00:00.000+00:00", "title" : "CVE-2012-5783" }, { "cve" : "CVE-2014-3577", "product_status" : { "known_affected" : [ "T050629", "T050634", "T050631", "T050630", "T050633", "T050632" ] }, "release_date" : "2026-02-09T23:00:00.000+00:00", "title" : "CVE-2014-3577" }, { "cve" : "CVE-2015-5262", "product_status" : { "known_affected" : [ "T050629", "T050634", "T050631", "T050630", "T050633", "T050632" ] }, "release_date" : "2026-02-09T23:00:00.000+00:00", "title" : "CVE-2015-5262" }, { "cve" : "CVE-2020-13956", "product_status" : { "known_affected" : [ "T050629", "T050634", "T050631", "T050630", "T050633", "T050632" ] }, "release_date" : "2026-02-09T23:00:00.000+00:00", "title" : "CVE-2020-13956" }, { "cve" : "CVE-2023-35116", "product_status" : { "known_affected" : [ "T050629", "T050634", "T050631", "T050630", "T050633", "T050632" ] }, "release_date" : "2026-02-09T23:00:00.000+00:00", "title" : "CVE-2023-35116" }, { "cve" : "CVE-2024-29736", "product_status" : { "known_affected" : [ "T050629", "T050634", "T050631", "T050630", "T050633", "T050632" ] }, "release_date" : "2026-02-09T23:00:00.000+00:00", "title" : "CVE-2024-29736" }, { "cve" : "CVE-2024-32007", "product_status" : { "known_affected" : [ "T050629", "T050634", "T050631", "T050630", "T050633", "T050632" ] }, "release_date" : "2026-02-09T23:00:00.000+00:00", "title" : "CVE-2024-32007" }, { "cve" : "CVE-2024-41172", "product_status" : { "known_affected" : [ "T050629", "T050634", "T050631", "T050630", "T050633", "T050632" ] }, "release_date" : "2026-02-09T23:00:00.000+00:00", "title" : "CVE-2024-41172" }, { "cve" : "CVE-2025-11226", "product_status" : { "known_affected" : [ "T050629", "T050634", "T050631", "T050630", "T050633", "T050632" ] }, "release_date" : "2026-02-09T23:00:00.000+00:00", "title" : "CVE-2025-11226" }, { "cve" : "CVE-2025-22228", "product_status" : { "known_affected" : [ "T050629", "T050634", "T050631", "T050630", "T050633", "T050632" ] }, "release_date" : "2026-02-09T23:00:00.000+00:00", "title" : "CVE-2025-22228" }, { "cve" : "CVE-2025-22233", "product_status" : { "known_affected" : [ "T050629", "T050634", "T050631", "T050630", "T050633", "T050632" ] }, "release_date" : "2026-02-09T23:00:00.000+00:00", "title" : "CVE-2025-22233" }, { "cve" : "CVE-2025-22235", "product_status" : { "known_affected" : [ "T050629", "T050634", "T050631", "T050630", "T050633", "T050632" ] }, "release_date" : "2026-02-09T23:00:00.000+00:00", "title" : "CVE-2025-22235" }, { "cve" : "CVE-2025-23184", "product_status" : { "known_affected" : [ "T050629", "T050634", "T050631", "T050630", "T050633", "T050632" ] }, "release_date" : "2026-02-09T23:00:00.000+00:00", "title" : "CVE-2025-23184" }, { "cve" : "CVE-2025-27820", "product_status" : { "known_affected" : [ "T050629", "T050634", "T050631", "T050630", "T050633", "T050632" ] }, "release_date" : "2026-02-09T23:00:00.000+00:00", "title" : "CVE-2025-27820" }, { "cve" : "CVE-2025-31650", "product_status" : { "known_affected" : [ "T050629", "T050634", "T050631", "T050630", "T050633", "T050632" ] }, "release_date" : "2026-02-09T23:00:00.000+00:00", "title" : "CVE-2025-31650" }, { "cve" : "CVE-2025-31651", "product_status" : { "known_affected" : [ "T050629", "T050634", "T050631", "T050630", "T050633", "T050632" ] }, "release_date" : "2026-02-09T23:00:00.000+00:00", "title" : "CVE-2025-31651" }, { "cve" : "CVE-2025-41234", "product_status" : { "known_affected" : [ "T050629", "T050634", "T050631", "T050630", "T050633", "T050632" ] }, "release_date" : "2026-02-09T23:00:00.000+00:00", "title" : "CVE-2025-41234" }, { "cve" : "CVE-2025-41242", "product_status" : { "known_affected" : [ "T050629", "T050634", "T050631", "T050630", "T050633", "T050632" ] }, "release_date" : "2026-02-09T23:00:00.000+00:00", "title" : "CVE-2025-41242" }, { "cve" : "CVE-2025-41248", "product_status" : { "known_affected" : [ "T050629", "T050634", "T050631", "T050630", "T050633", "T050632" ] }, "release_date" : "2026-02-09T23:00:00.000+00:00", "title" : "CVE-2025-41248" }, { "cve" : "CVE-2025-41254", "product_status" : { "known_affected" : [ "T050629", "T050634", "T050631", "T050630", "T050633", "T050632" ] }, "release_date" : "2026-02-09T23:00:00.000+00:00", "title" : "CVE-2025-41254" }, { "cve" : "CVE-2025-46392", "product_status" : { "known_affected" : [ "T050629", "T050634", "T050631", "T050630", "T050633", "T050632" ] }, "release_date" : "2026-02-09T23:00:00.000+00:00", "title" : "CVE-2025-46392" }, { "cve" : "CVE-2025-48913", "product_status" : { "known_affected" : [ "T050629", "T050634", "T050631", "T050630", "T050633", "T050632" ] }, "release_date" : "2026-02-09T23:00:00.000+00:00", "title" : "CVE-2025-48913" }, { "cve" : "CVE-2025-48924", "product_status" : { "known_affected" : [ "T050629", "T050634", "T050631", "T050630", "T050633", "T050632" ] }, "release_date" : "2026-02-09T23:00:00.000+00:00", "title" : "CVE-2025-48924" }, { "cve" : "CVE-2025-48989", "product_status" : { "known_affected" : [ "T050629", "T050634", "T050631", "T050630", "T050633", "T050632" ] }, "release_date" : "2026-02-09T23:00:00.000+00:00", "title" : "CVE-2025-48989" }, { "cve" : "CVE-2025-53864", "product_status" : { "known_affected" : [ "T050629", "T050634", "T050631", "T050630", "T050633", "T050632" ] }, "release_date" : "2026-02-09T23:00:00.000+00:00", "title" : "CVE-2025-53864" }, { "cve" : "CVE-2025-7962", "product_status" : { "known_affected" : [ "T050629", "T050634", "T050631", "T050630", "T050633", "T050632" ] }, "release_date" : "2026-02-09T23:00:00.000+00:00", "title" : "CVE-2025-7962" }, { "cve" : "CVE-2025-8713", "product_status" : { "known_affected" : [ "T050629", "T050634", "T050631", "T050630", "T050633", "T050632" ] }, "release_date" : "2026-02-09T23:00:00.000+00:00", "title" : "CVE-2025-8713" }, { "cve" : "CVE-2025-8714", "product_status" : { "known_affected" : [ "T050629", "T050634", "T050631", "T050630", "T050633", "T050632" ] }, "release_date" : "2026-02-09T23:00:00.000+00:00", "title" : "CVE-2025-8714" }, { "cve" : "CVE-2025-8715", "product_status" : { "known_affected" : [ "T050629", "T050634", "T050631", "T050630", "T050633", "T050632" ] }, "release_date" : "2026-02-09T23:00:00.000+00:00", "title" : "CVE-2025-8715" }, { "cve" : "CVE-2025-8885", "product_status" : { "known_affected" : [ "T050629", "T050634", "T050631", "T050630", "T050633", "T050632" ] }, "release_date" : "2026-02-09T23:00:00.000+00:00", "title" : "CVE-2025-8885" } ] }