Primary

Context

Dell NetWorker Algorithm Downgrade Vulnerability Allowing Information Disclosure

Vulnerability

Patched

An 'Algorithm Downgrade' vulnerability has been identified in Dell NetWorker versions through 19.12.0.1. This vulnerability allows an unauthenticated attacker with remote access to exploit a selection of less-secure algorithms during negotiation, potentially leading to information disclosure.

Impact

Exploitation of this vulnerability could result in unauthorized information disclosure.

Remediation

Users can upgrade to Dell NetWorker version 19.13 or later. For versions prior to 19.11.0.5, version 19.13 or later is also recommended. The NetWorker Downloads Area can be accessed for the latest version.

Added: Jul 1, 2025, 2:25 PM

Updated: Jul 1, 2025, 2:25 PM

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

2.5

exploitability

7.0

remediation

7.7

relevance

0.2

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

2.5

exploitability

7.0

remediation

7.7

relevance

0.2

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Dell NetWorker Algorithm Downgrade Vulnerability Allowing Information Disclosure

Vulnerability

Impact

Remediation

Affected Products

Dell NetWorker

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating