Un authenticated attacker could execute code with local access
CVE-2024-47476

7.8HIGH

Key Information:

Vendor: Dell
Status: Networker Management Console
Vendor: CVE Published:; 3 December 2024

What is CVE-2024-47476?

The vulnerability in Dell NetWorker Management Console versions 19.11 arises from an improper verification of cryptographic signatures. This security flaw may enable an unauthenticated local attacker to exploit the system, potentially leading to unauthorized code execution. Proper verification mechanisms are essential to safeguarding systems against such vulnerabilities.

Affected Version(s)

NetWorker Management Console NRE 8.0.22

References

https://www.dell.com/support/kbdoc/en-us/000255884/dsa-20...

vendor-advisory

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 3, 2024
Vulnerability Reserved
Sep 25, 2024