CVE-2022-29082
First published: Thu May 26 2022(Updated: )
Dell EMC NetWorker versions 19.1.x, 19.1.0.x, 19.1.1.x, 19.2.x, 19.2.0.x, 19.2.1.x 19.3.x, 19.3.0.x, 19.4.x, 19.4.0.x, 19.5.x,19.5.0.x, 19.6 and 19.6.0.1 and 19.6.0.2 contain an Improper Validation of Certificate with Host Mismatch vulnerability in Rabbitmq port 5671 which could allow remote attackers to spoof certificates.
Credit: security_alert@emc.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Dell EMC NetWorker | >=19.1.1.0<19.5.0.7 | |
| Dell EMC NetWorker | >=19.6.0<19.6.0.3 | |
| Dell EMC NetWorker | =19.6.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2022-29082?
CVE-2022-29082 has a medium severity rating due to improper validation of the SSL certificate in RabbitMQ.
How do I fix CVE-2022-29082?
To fix CVE-2022-29082, update Dell EMC NetWorker to versions 19.6.1 or later.
Which versions of Dell EMC NetWorker are affected by CVE-2022-29082?
CVE-2022-29082 affects Dell EMC NetWorker versions 19.1.x to 19.6.0.2.
Can CVE-2022-29082 be exploited remotely?
Yes, CVE-2022-29082 can potentially be exploited remotely due to the certificate validation vulnerability.
What component of Dell EMC NetWorker does CVE-2022-29082 impact?
CVE-2022-29082 impacts the RabbitMQ component operating on port 5671.
- agent/weakness
- agent/type
- agent/severity
- agent/references
- agent/author
- agent/softwarecombine
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/dell
- canonical/dell emc networker
- version/dell emc networker/19.1.1.0
- version/dell emc networker/19.6.0
- version/dell emc networker/19.6.1