116 matches found
CVE-2024-37131
SCG Policy Manager, all versions, contains an overly permissive Cross-Origin Resource Policy CORP vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the execution of malicious actions on the application in the context of the authenticated use...
CVE-2024-28969
Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for an internal update REST API if enabled by Admin user from UI. A remote low privileged attacker could potentially exploit this vulnerability, leading to the execution of certain APIs...
CVE-2024-28967
Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for an internal maintenance REST API if enabled by Admin user from UI. A remote low privileged attacker could potentially exploit this vulnerability, leading to the execution of certain API...
CVE-2024-28967
Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for an internal maintenance REST API if enabled by Admin user from UI. A remote low privileged attacker could potentially exploit this vulnerability, leading to the execution of certain API...
CVE-2024-28966
Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for an internal update REST API if enabled by Admin user from UI. A remote low privileged attacker could potentially exploit this vulnerability, leading to the execution of certain APIs...
CVE-2024-28968
Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for internal email and collection settings REST APIs if enabled by Admin user from UI. A remote low privileged attacker could potentially exploit this vulnerability, leading to the executio...
CVE-2024-28965
Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for an internal enable REST API if enabled by Admin user from UI. A remote low privileged attacker could potentially exploit this vulnerability, leading to the execution of certain Internal...
CVE-2024-28966
Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for an internal update REST API if enabled by Admin user from UI. A remote low privileged attacker could potentially exploit this vulnerability, leading to the execution of certain APIs...
CVE-2024-28968
Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for internal email and collection settings REST APIs if enabled by Admin user from UI. A remote low privileged attacker could potentially exploit this vulnerability, leading to the executio...
CVE-2024-29169
Dell SCG, versions prior to 5.22.00.00, contain a SQL Injection Vulnerability in the SCG UI for an internal audit REST API. A remote authenticated attacker could potentially exploit this vulnerability, leading to the execution of certain SQL commands on the application's backend database causing...
CVE-2024-29169
Dell SCG, versions prior to 5.22.00.00, contain a SQL Injection Vulnerability in the SCG UI for an internal audit REST API. A remote authenticated attacker could potentially exploit this vulnerability, leading to the execution of certain SQL commands on the application's backend database causing...
CVE-2024-29169
Dell SCG (Secure Connect Gateway) versions prior to 5.22.00.00 have a SQL Injection vulnerability in the SCG UI for the Internal Audit REST API. A remote authenticated attacker could potentially execute SQL commands on the backend database, leading to unauthorized access and modification of appli...
CVE-2024-29168
Dell SCG, versions prior to 5.22.00.00, contain a SQL Injection Vulnerability in the SCG UI for an internal assets REST API. A remote authenticated attacker could potentially exploit this vulnerability, leading to the execution of certain SQL commands on the application's backend database causing...
CVE-2024-29168
Dell SCG, versions prior to 5.22.00.00, contain a SQL Injection Vulnerability in the SCG UI for an internal assets REST API. A remote authenticated attacker could potentially exploit this vulnerability, leading to the execution of certain SQL commands on the application's backend database causing...
CVE-2024-29168
Summary: Dell Secure Connect Gateway (SCG) prior to v5.22.00.00 contains a SQL Injection vulnerability in the SCG UI for the internal assets REST API. A remote authenticated attacker could potentially exploit this flaw to execute SQL commands on the application’s backend database, leading to unau...
CVE-2024-28969
Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for an internal update REST API if enabled by Admin user from UI. A remote low privileged attacker could potentially exploit this vulnerability, leading to the execution of certain APIs...
CVE-2024-28969
Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for an internal update REST API if enabled by Admin user from UI. A remote low privileged attacker could potentially exploit this vulnerability, leading to the execution of certain APIs...
CVE-2024-28969
Dell SCG prior to version 5.24.00.00 contains an Improper Access Control vulnerability in an internal update REST API that is only accessible if enabled by an Admin from the UI. A remote low-privileged attacker could potentially trigger this API and cause execution of certain admin-only APIs agai...
CVE-2024-28968
Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for internal email and collection settings REST APIs if enabled by Admin user from UI. A remote low privileged attacker could potentially exploit this vulnerability, leading to the executio...
CVE-2024-28968
Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for internal email and collection settings REST APIs if enabled by Admin user from UI. A remote low privileged attacker could potentially exploit this vulnerability, leading to the executio...