CVE-2017-8023

Summary

EMC NetWorker may potentially be vulnerable to an unauthenticated remote code execution vulnerability in the Networker Client execution service (nsrexecd) when oldauth authentication method is used. An unauthenticated remote attacker could send arbitrary commands via RPC service to be executed on the host system with the privileges of the nsrexecd service, which runs with administrative privileges.

Affected Software

VendorProductVersion RangeStatus
Dell EMCNetworker8.2.Xaffected
Dell EMCNetworker9.0.Xaffected
Dell EMCNetworkerunspecified < 9.1.15affected
Dell EMCNetworkerunspecified < 9.2.1affected

Weaknesses

  • Remote Code Execution Vulnerability

ADP Enrichment

CVE Program Container

Additional References

References