CVE-2023-24568
Description
Dell NetWorker, contains an Improper Validation of Certificate with Host Mismatch vulnerability in Rabbitmq port which could disallow replacing CA signed certificates.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Dell NetWorker fails to properly validate hostnames in RabbitMQ certificates, potentially allowing use of mismatched CA signed certificates.
Vulnerability
Dell NetWorker contains an Improper Validation of Certificate with Host Mismatch vulnerability in the RabbitMQ port. The software does not correctly validate that the certificate's hostname matches the expected host, which could disallow replacing CA signed certificates. Affected versions: 19.8.0.0, 19.7.0.3 and prior, and 19.7.1. [1]
Exploitation
The vulnerability can be exploited over the network by an attacker with low privileges (authenticated user) without requiring user interaction. The attacker can present a certificate that does not match the expected hostname, leading to improper validation. [1]
Impact
Successful exploitation results in a low integrity impact with a changed scope, but confidentiality and availability are not affected. The CVSS base score is 5.0 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N). [1]
Mitigation
Dell has released fixed versions: 19.8.0.1 and later, and 19.7.0.4 and later. Users should update to these versions to remediate the vulnerability. [1]
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Range: 19.8.0.0, 19.7.0.3 and prior releases, 19.7.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.