The NetMan knowledge base
Tags NetMan5.NDM NetMan5.Enterprise NetMan5 NetMan.Known Problems.Fixed NetMan.HTML.View Module NetMan.Desktop Manager NetMan
Security vulnerabilities in Apache Web Server up to version 2.4.67 in NetMan Enterprise and NDM
Necessary update for NetMan Enterprise and NetMan Desktop Manager (NDM) due to security vulnerabilities in the Apache web server.
In May, a series of security vulnerabilities affecting Apache were disclosed. These include five vulnerabilities classified as critical (CVE-2026-23918, risk "high"; CVE-2026-24072, risk "high"; CVE-2026-29169, risk "high"; CVE-2026-34059, risk "high"; CVE-2026-29168, risk "high") as well as others classified as "medium" and "low" (Apache HTTP Server 2.4 vulnerabilities - The Apache HTTP Server Project). The Apache Software Foundation has addressed these vulnerabilities in version 2.4.67.
NetMan Enterprise and NetMan Desktop Manager (NDM) do not utilize all Apache server modules; consequently, the product is not affected by every vulnerability. However, the following vulnerabilities do apply to NetMan:
- CVE-2026-24072, CVSS 6.5, risk "high"
- CVE-2026-33523, CVSS 6.5, risk "medium"
- CVE-2026-34032, CVSS 5.3, risk "medium"
We are providing updated setup files for the NetMan versions.
NetMan Desktop Manager Version 6
NetMan Desktop Manager version 6.4.0.89 includes Apache Web Server 2.4.67.
Note: When updating from version 6.4.0.87, only the Apache Web Server is updated; for all earlier versions of NetMan Desktop Manager, additional server components and the NetMan Client are also updated.
Notes:
- If the NetMan Client also requires updating in your environment, please schedule an appropriate maintenance window and account for the time needed to update the NetMan Client.
- If the NetMan SSL Gateway is in use, this software component must also be updated. The necessary setup is included in the server setup.
NetMan Enterprise und NetMan Desktop Manager Version 5
NetMan Enterprise Version 5.8.0.470 and NetMan Desktop Manager Version 5.8.0.470 include Apache Web Server 2.4.67.
Note: When updating to version 5.8.0.467, only the Apache Web Server is updated; for all earlier versions of NetMan, additional server components and the NetMan Client are also updated.
Notes:
- If the NetMan Client also requires updating in your environment, please schedule an appropriate maintenance window and account for the time needed to update the NetMan Client.
- If the NetMan SSL Gateway is in use, this software component must also be updated. The necessary setup is included in the server setup.
Important Information
If required, please contact nmsupport@hh-software.com to schedule an appointment for your system update. Billing is based on service hours. If you do not have any remaining service hour credits, please contact your sales representative.
Alternatively, you can perform the update yourself or have it carried out by your supporting partner.