QID 730329

Date Published: 2022-01-17

QID 730329: Dell EMC NetWorker Virtual Edition Multiple Apache Log4j Remote Code Execution (RCE) Vulnerabilities (DSA-2021-280)

Dell EMC NetWorker software provides fast, efficient backup and recovery for enterprise applications and databases.

Affected Version:
Dell EMC NetWorker Virtual Edition 19.5.x
QID Detection Logic (Unauthenticated):
This QID tries to find vulnerable Dell EMC NetWorker Virtual Edition versions by transmitting a HTTP POST request to avi/avigui/avigwt

Apache Log4j remote code execution vulnerability that may be exploited by malicious users to compromise the affected system Dell EMC NetWorker Virtual Edition

  • CVSS V3 rated as Critical - 10 severity.
  • CVSS V2 rated as Critical - 9.3 severity.
  • Solution
    Further information can be obtained from DSA-2021-280

    CVEs related to QID 730329

    Software Advisories
    Advisory ID Software Component Link
    DSA-2021-280 URL Logo www.dell.com/support/kbdoc/en-in/000194541/dsa-2021-280-dell-emc-networker-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228