Lucene search
+L

183 matches found

CVE
CVE
added 2024/02/14 8:5 a.m.73 views

CVE-2023-44293

CVE-2023-44293 affects Dell Secure Connect Gateway Application and Secure Connect Gateway Appliance (versions 5.10.00.00–5.18.00.00). The root cause is an SQL injection vulnerability in the IP Range Rest API filters, which could allow a malicious user with a valid session to inject content and ca...

6.5CVSS5.3AI score0.00444EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/02/14 8:5 a.m.26 views

CVE-2023-44293

In Dell Secure Connect Gateway Application and Secure Connect Gateway Appliance between v5.10.00.00 and v5.18.00.00, a security concern has been identified, where a malicious user with a valid User session may inject malicious content in filters of IP Range Rest API. This issue may potentially le...

5.4CVSS5.6AI score0.00444EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2023/11/02 12:0 a.m.7 views

The vulnerability of the software for remote IT support and monitoring of Dell Secure Connect Gateway (SCG) arises from the use of cryptographic algorithms that contain defects. This allows attackers to gain unauthorized access to protected information.

The vulnerability of software for remote IT support and monitoring of Dell Secure Connect Gateway SCG is related to the use of cryptographic algorithms that contain vulnerabilities. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected...

5.9CVSS6.2AI score0.00424EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/03/06 12:0 a.m.7 views

The vulnerability of the access control tool, Policy Manager, in the software for remote IT support and monitoring provided by Dell Secure Connect Gateway (SCG), allows a perpetrator to increase their privileges.

The vulnerability of the access control mechanism in the Policy Manager software for remote IT support and monitoring in Dell Secure Connect Gateway SCG is related to the use of a strictly encrypted cryptographic key. Exploiting this vulnerability could allow an attacker to increase their...

8CVSS7.8AI score0.00472EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/03/06 12:0 a.m.7 views

The vulnerability of the access control tool, Policy Manager, in the software for remote IT support and monitoring provided by Dell Secure Connect Gateway (SCG), allows a perpetrator to increase their privileges.

The vulnerability of the access control mechanism in the Policy Manager software for remote IT support and monitoring in Dell Secure Connect Gateway SCG is related to the use of a strictly encrypted cryptographic key. Exploiting this vulnerability could allow an attacker to increase their...

8CVSS7.8AI score0.00419EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/03/06 12:0 a.m.6 views

The vulnerability of the access control tool, Policy Manager, in the software for remote IT support and monitoring provided by Dell Secure Connect Gateway (SCG), allows a perpetrator to increase their privileges.

The vulnerability of the access control mechanism in the Policy Manager software for remote IT support and monitoring in Dell Secure Connect Gateway SCG is related to the use of a strictly encrypted cryptographic key. Exploiting this vulnerability could allow an attacker to increase their...

8.4CVSS7.2AI score0.00197EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2023/02/17 7:15 a.m.13 views

CVE-2023-23695

Dell Secure Connect Gateway SCG version 5.14.00.12 contains a broken cryptographic algorithm vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by performing MitM attacks and let attackers obtain sensitive information...

5.9CVSS5.8AI score0.00424EPSS
Exploits0References1
Prion
Prion
added 2023/02/17 7:15 a.m.20 views

Design/Logic Flaw

Dell Secure Connect Gateway SCG version 5.14.00.12 contains a broken cryptographic algorithm vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by performing MitM attacks and let attackers obtain sensitive information...

2.6CVSS5.8AI score0.00424EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/02/17 6:12 a.m.10 views

CVE-2023-23695

Dell Secure Connect Gateway SCG version 5.14.00.12 contains a broken cryptographic algorithm vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by performing MitM attacks and let attackers obtain sensitive information...

5.9CVSS6.9AI score0.00424EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/02/17 6:12 a.m.29 views

CVE-2023-23695

Dell Secure Connect Gateway SCG version 5.14.00.12 contains a broken cryptographic algorithm vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by performing MitM attacks and let attackers obtain sensitive information...

5.9CVSS6AI score0.00424EPSS
Exploits0References1
CVE
CVE
added 2023/02/17 6:12 a.m.52 views

CVE-2023-23695

Dell Secure Connect Gateway (SCG) v5.14.00.12 is affected by a broken cryptographic algorithm vulnerability that could enable remote, unauthenticated MitM attacks to extract sensitive data. This is documented across multiple sources (NVD, PRION, PRION-like entries, PT-2023-6682) and centers on SC...

5.9CVSS5.8AI score0.00424EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/02/17 12:0 a.m.8 views

Dell EMC Secure Connect Gateway 加密问题漏洞

Dell EMC Secure Connect Gateway Dell Emc Scg is a secure connectivity gateway from Dell USA. A security vulnerability exists in Dell EMC Secure Connect Gateway SCG version 5.14.00.12, which stems from the presence of a corrupted encryption algorithm vulnerability that can be exploited by a remote...

5.9CVSS6AI score0.00424EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/02/17 12:0 a.m.6 views

PT-2023-6682 · Dell · Dell Secure Connect Gateway

Name of the Vulnerable Software and Affected Versions: Dell Secure Connect Gateway SCG version 5.14.00.12 Description: The issue is related to a broken cryptographic algorithm in the software, which could allow a remote unauthenticated attacker to exploit the vulnerability by performing...

5.9CVSS5.5AI score0.00424EPSS
Exploits0References5
CNNVD
CNNVD
added 2021/11/19 12:0 a.m.24 views

Dell Emc Secure Connect Gateway 日志信息泄露漏洞

Dell Emc Secure Connect Gateway Dell Emc Scg is a secure connectivity gateway from Dell, Inc. The vulnerability can be exploited to read sensitive information...

7.8CVSS5.5AI score0.00243EPSS
Exploits0References2
Talos Blog
Talos Blog
added 2021/04/22 10:29 a.m.223 views

Threat Advisory: Pulse Secure Connect Coverage

Pulse Secure announced that a critical vulnerability CVE-2021-22893 was discovered in their VPN service "Pulse Secure Connect" in a recent security advisory. The advisory states that, "a vulnerability was discovered under Pulse Connect Secure PCS. This includes an authentication by-pass... This i...

7.5CVSS2.6AI score0.47172EPSS
Exploits9
NVD
NVD
added 2020/08/12 5:15 p.m.21 views

CVE-2020-6653

Eaton's Secure connect mobile app v1.7.3 & prior stores the user login credentials in logcat file when user create or register the account on the Mobile app. A malicious app or unauthorized user can harvest the information and later on can use the information to monitor and control the user's...

3.9CVSS4.1AI score0.00264EPSS
Exploits0References1
OSV
OSV
added 2020/08/12 5:15 p.m.5 views

CVE-2020-6653

Eaton's Secure connect mobile app v1.7.3 & prior stores the user login credentials in logcat file when user create or register the account on the Mobile app. A malicious app or unauthorized user can harvest the information and later on can use the information to monitor and control the user's...

3.9CVSS5.8AI score0.00264EPSS
Exploits0References1
Prion
Prion
added 2020/08/12 5:15 p.m.17 views

Information disclosure

Eaton's Secure connect mobile app v1.7.3 & prior stores the user login credentials in logcat file when user create or register the account on the Mobile app. A malicious app or unauthorized user can harvest the information and later on can use the information to monitor and control the user's...

2.1CVSS4.3AI score0.00264EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2020/08/12 4:3 p.m.48 views

CVE-2020-6653

The CVE-2020-6653 issue affects Eaton’s Secure Connect mobile app (v1.7.3 and earlier). The underlying flaw is that the app stores user login credentials in logcat files during account creation/registration, enabling a malicious app or unauthorized user to harvest those credentials and potentiall...

3.9CVSS4.1AI score0.00264EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/08/12 4:3 p.m.24 views

CVE-2020-6653 Sensitive date stored in logcat file

Eaton's Secure connect mobile app v1.7.3 & prior stores the user login credentials in logcat file when user create or register the account on the Mobile app. A malicious app or unauthorized user can harvest the information and later on can use the information to monitor and control the user's...

3.8CVSS4.2AI score0.00264EPSS
Exploits0References1
Rows per page
Query Builder