CVE-2023-28055

Name of the Vulnerable Software and Affected Versions Dell NetWorker version 19.7

Description The issue is related to an improper authorization vulnerability in the NetWorker client. An unauthenticated attacker within the same network could potentially exploit this by manipulating a command, leading to gain of complete access to the server file, further resulting in information leaks, denial of service, and arbitrary code execution.

Recommendations For Dell NetWorker version 19.7, upgrade to a newer version at the earliest opportunity to resolve the issue. As a temporary workaround, consider restricting access to the NetWorker client to minimize the risk of exploitation.