Lucene search
+L

116 matches found

NVD
NVD
added 2024/06/13 3:15 p.m.19 views

CVE-2024-37131

SCG Policy Manager, all versions, contains an overly permissive Cross-Origin Resource Policy CORP vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the execution of malicious actions on the application in the context of the authenticated use...

9.8CVSS0.00489EPSS
Exploits0References1
OSV
OSV
added 2024/06/13 3:15 p.m.5 views

CVE-2024-28969

Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for an internal update REST API if enabled by Admin user from UI. A remote low privileged attacker could potentially exploit this vulnerability, leading to the execution of certain APIs...

4.3CVSS5.9AI score0.00424EPSS
Exploits0References1
OSV
OSV
added 2024/06/13 3:15 p.m.4 views

CVE-2024-28967

Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for an internal maintenance REST API if enabled by Admin user from UI. A remote low privileged attacker could potentially exploit this vulnerability, leading to the execution of certain API...

5.4CVSS5.9AI score0.00349EPSS
Exploits0References1
NVD
NVD
added 2024/06/13 3:15 p.m.24 views

CVE-2024-28967

Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for an internal maintenance REST API if enabled by Admin user from UI. A remote low privileged attacker could potentially exploit this vulnerability, leading to the execution of certain API...

5.4CVSS0.00349EPSS
Exploits0References1
NVD
NVD
added 2024/06/13 3:15 p.m.22 views

CVE-2024-28966

Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for an internal update REST API if enabled by Admin user from UI. A remote low privileged attacker could potentially exploit this vulnerability, leading to the execution of certain APIs...

5.4CVSS0.00349EPSS
Exploits0References1
OSV
OSV
added 2024/06/13 3:15 p.m.7 views

CVE-2024-28968

Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for internal email and collection settings REST APIs if enabled by Admin user from UI. A remote low privileged attacker could potentially exploit this vulnerability, leading to the executio...

5.4CVSS5.9AI score0.00349EPSS
Exploits0References1
NVD
NVD
added 2024/06/13 3:15 p.m.24 views

CVE-2024-28965

Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for an internal enable REST API if enabled by Admin user from UI. A remote low privileged attacker could potentially exploit this vulnerability, leading to the execution of certain Internal...

5.4CVSS0.00349EPSS
Exploits0References1
OSV
OSV
added 2024/06/13 3:15 p.m.5 views

CVE-2024-28966

Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for an internal update REST API if enabled by Admin user from UI. A remote low privileged attacker could potentially exploit this vulnerability, leading to the execution of certain APIs...

5.4CVSS5.9AI score0.00349EPSS
Exploits0References1
NVD
NVD
added 2024/06/13 3:15 p.m.19 views

CVE-2024-28968

Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for internal email and collection settings REST APIs if enabled by Admin user from UI. A remote low privileged attacker could potentially exploit this vulnerability, leading to the executio...

5.4CVSS0.00349EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/06/13 3:13 p.m.31 views

CVE-2024-29169

Dell SCG, versions prior to 5.22.00.00, contain a SQL Injection Vulnerability in the SCG UI for an internal audit REST API. A remote authenticated attacker could potentially exploit this vulnerability, leading to the execution of certain SQL commands on the application's backend database causing...

5.4CVSS0.00435EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/06/13 3:13 p.m.20 views

CVE-2024-29169

Dell SCG, versions prior to 5.22.00.00, contain a SQL Injection Vulnerability in the SCG UI for an internal audit REST API. A remote authenticated attacker could potentially exploit this vulnerability, leading to the execution of certain SQL commands on the application's backend database causing...

5.4CVSS7.9AI score0.00435EPSS
Exploits0References1
CVE
CVE
added 2024/06/13 3:13 p.m.80 views

CVE-2024-29169

Dell SCG (Secure Connect Gateway) versions prior to 5.22.00.00 have a SQL Injection vulnerability in the SCG UI for the Internal Audit REST API. A remote authenticated attacker could potentially execute SQL commands on the backend database, leading to unauthorized access and modification of appli...

8.1CVSS8AI score0.00435EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/06/13 3:9 p.m.22 views

CVE-2024-29168

Dell SCG, versions prior to 5.22.00.00, contain a SQL Injection Vulnerability in the SCG UI for an internal assets REST API. A remote authenticated attacker could potentially exploit this vulnerability, leading to the execution of certain SQL commands on the application's backend database causing...

5.4CVSS0.0047EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/06/13 3:9 p.m.23 views

CVE-2024-29168

Dell SCG, versions prior to 5.22.00.00, contain a SQL Injection Vulnerability in the SCG UI for an internal assets REST API. A remote authenticated attacker could potentially exploit this vulnerability, leading to the execution of certain SQL commands on the application's backend database causing...

5.4CVSS7.9AI score0.0047EPSS
Exploits0References1
CVE
CVE
added 2024/06/13 3:9 p.m.80 views

CVE-2024-29168

Summary: Dell Secure Connect Gateway (SCG) prior to v5.22.00.00 contains a SQL Injection vulnerability in the SCG UI for the internal assets REST API. A remote authenticated attacker could potentially exploit this flaw to execute SQL commands on the application’s backend database, leading to unau...

8.8CVSS8AI score0.0047EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/06/13 3:5 p.m.23 views

CVE-2024-28969

Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for an internal update REST API if enabled by Admin user from UI. A remote low privileged attacker could potentially exploit this vulnerability, leading to the execution of certain APIs...

4.3CVSS7.2AI score0.00424EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/06/13 3:5 p.m.33 views

CVE-2024-28969

Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for an internal update REST API if enabled by Admin user from UI. A remote low privileged attacker could potentially exploit this vulnerability, leading to the execution of certain APIs...

4.3CVSS0.00424EPSS
Exploits0References1
CVE
CVE
added 2024/06/13 3:5 p.m.75 views

CVE-2024-28969

Dell SCG prior to version 5.24.00.00 contains an Improper Access Control vulnerability in an internal update REST API that is only accessible if enabled by an Admin from the UI. A remote low-privileged attacker could potentially trigger this API and cause execution of certain admin-only APIs agai...

4.3CVSS7AI score0.00424EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/06/13 3:1 p.m.17 views

CVE-2024-28968

Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for internal email and collection settings REST APIs if enabled by Admin user from UI. A remote low privileged attacker could potentially exploit this vulnerability, leading to the executio...

5.4CVSS7.2AI score0.00349EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/06/13 3:1 p.m.21 views

CVE-2024-28968

Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for internal email and collection settings REST APIs if enabled by Admin user from UI. A remote low privileged attacker could potentially exploit this vulnerability, leading to the executio...

5.4CVSS0.00349EPSS
Exploits0References1
Rows per page
Query Builder