Server-Side Code Execution Flaw in Dell NetWorker Management Console
CVE-2025-21103

7.8HIGH

Key Information:

Vendor: Dell
Status: Networker Management Console
Vendor: CVE Published:; 17 February 2025

Summary

The Dell NetWorker Management Console has an improper neutralization vulnerability that allows an unauthenticated attacker with local access to potentially execute arbitrary code on the server. Versions 19.11 through 19.11.0.3 and versions prior to 19.10.0.7 are specifically impacted. This could lead to unauthorized actions being performed on the server, highlighting a serious security concern that needs prompt attention.

Affected Version(s)

NetWorker Management Console 19.11 <= 19.11.0.3

NetWorker Management Console < 19.10.0.7

References

https://www.dell.com/support/kbdoc/en-us/000286268/dsa-20...

vendor-advisory

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Feb 17, 2025
Vulnerability Reserved
Nov 22, 2024