CVE-2023-25544

Vulnerability

Dell NetWorker versions 19.5 and earlier expose the Apache Tomcat version via an unspecified disclosure vector [1]. This is a version disclosure vulnerability that does not require authentication or user interaction [1]. The affected component is the Apache Tomcat server bundled with NetWorker [1].

Exploitation

An attacker with remote network access to NetWorker clients can exploit this vulnerability by probing the Apache Tomcat service to identify its version [1]. No authentication or special privileges are needed, as the version is disclosed without any access control [1]. The exact sequence of steps is not detailed in the available references, but the attack vector is network-based with low complexity [1].

Impact

Successful exploitation allows the attacker to obtain the Apache Tomcat version [1]. While this is primarily a confidentiality impact (information disclosure), the knowledge can be used to launch further target-specific attacks [1]. The CVSS v3.1 base score is 7.5 (High), with a vector of AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N [1].

Mitigation

Dell has released a security update to address this vulnerability [1]. Affected users should apply the latest patches for Dell NetWorker as recommended in DSA-2023-058 [1]. There is no publicly documented workaround beyond applying the fix [1].