Lucene search
K
DellSecure Connect Gateway

23 matches found

CVE
CVE
added 2024/03/01 10:57 a.m.95 views

CVE-2024-22458

Dell Secure Connect Gateway (version 5.18) is affected by an Inadequate Encryption Strength vulnerability. An unauthenticated network attacker could potentially recover plaintext from a block of ciphertext due to weak cryptographic strength. The CTI sources consistently identify the affected prod...

5.3CVSS4.4AI score0.00132EPSS
CVE
CVE
added 2024/03/01 11:4 a.m.84 views

CVE-2024-22457

CVE-2024-22457 affects Dell Secure Connect Gateway 5.20. The vulnerability arises in the SRS to SCG update path due to improper authentication, allowing a remote low-privileged attacker to impersonate the server by presenting a fake self-signed certificate when communicating with the remote serve...

8.8CVSS6.9AI score0.00293EPSS
CVE
CVE
added 2024/06/13 2:47 p.m.84 views

CVE-2024-28965

CVE-2024-28965 affects Dell SCG prior to 5.24.00.00. The issue is an Improper Access Control in an internal enable REST API exposed by the SCG (if enabled via the UI by an Admin). A remote, low-privileged attacker could trigger internal APIs intended for Admin Users on the backend database, poten...

5.4CVSS7AI score0.00349EPSS
CVE
CVE
added 2024/06/13 2:51 p.m.79 views

CVE-2024-28966

CVE-2024-28966 affects Dell SCG with versions prior to 5.24.00.00, due to an Improper Access Control vulnerability in an internal update REST API that a Admin UI-enabled function exposes. A remote, low-privileged attacker could access APIs intended for Admin Users on the backend database and pote...

5.4CVSS5.6AI score0.00349EPSS
CVE
CVE
added 2024/06/13 2:57 p.m.79 views

CVE-2024-28967

Dell SCG (Secure Connect Gateway) vulnerable to improper access control in versions prior to 5.24.00.00 due to an exposed internal maintenance REST API that, if enabled by an Admin user from the UI, could allow a remote, low-privileged attacker to execute admin-only backend APIs associated with t...

5.4CVSS7AI score0.00349EPSS
CVE
CVE
added 2024/06/13 3:13 p.m.79 views

CVE-2024-29169

Dell SCG (Secure Connect Gateway) versions prior to 5.22.00.00 have a SQL Injection vulnerability in the SCG UI for the Internal Audit REST API. A remote authenticated attacker could potentially execute SQL commands on the backend database, leading to unauthorized access and modification of appli...

8.1CVSS8AI score0.00435EPSS
CVE
CVE
added 2024/06/13 3:9 p.m.78 views

CVE-2024-29168

Summary: Dell Secure Connect Gateway (SCG) prior to v5.22.00.00 contains a SQL Injection vulnerability in the SCG UI for the internal assets REST API. A remote authenticated attacker could potentially exploit this flaw to execute SQL commands on the application’s backend database, leading to unau...

8.8CVSS8AI score0.0047EPSS
CVE
CVE
added 2024/06/13 3:1 p.m.77 views

CVE-2024-28968

Summary (CVE-2024-28968) Dell SCG (Dell Secure Connect Gateway) versions prior to 5.24.00.00 suffer an Improper Access Control vulnerability in the internal email and collection settings REST APIs (enabled by Admin from UI). A remote, low-privileged attacker could potentially cause execution of A...

5.4CVSS7AI score0.00349EPSS
CVE
CVE
added 2024/02/14 8:24 a.m.74 views

CVE-2023-44294

CVE-2023-44294 affects Dell Secure Connect Gateway Application/Appliance (v5.10.00.00–v5.18.00.00). Root cause: SQL injection in the Collection Rest API filters that can be exploited by a user with a valid session to disclose data from the product database. Impact and context align with MEDIUM se...

6.5CVSS5.3AI score0.00444EPSS
CVE
CVE
added 2024/06/13 3:5 p.m.74 views

CVE-2024-28969

Dell SCG prior to version 5.24.00.00 contains an Improper Access Control vulnerability in an internal update REST API that is only accessible if enabled by an Admin from the UI. A remote low-privileged attacker could potentially trigger this API and cause execution of certain admin-only APIs agai...

4.3CVSS7AI score0.00424EPSS
CVE
CVE
added 2025/03/19 3:13 p.m.72 views

CVE-2025-26475

CVE-2025-26475 affects Dell Secure Connect Gateway (SCG) 5.0 Appliance – SRS 5.26. The connected sources indicate a related authorization issue exists in SCG versions prior to 5.28.00.14, stemming from the Live-Restore setting and potentially allowing improper authentication. The practical guidan...

5.5CVSS7.1AI score0.0015EPSS
CVE
CVE
added 2024/02/14 8:5 a.m.71 views

CVE-2023-44293

CVE-2023-44293 affects Dell Secure Connect Gateway Application and Secure Connect Gateway Appliance (versions 5.10.00.00–5.18.00.00). The root cause is an SQL injection vulnerability in the IP Range Rest API filters, which could allow a malicious user with a valid session to inject content and ca...

6.5CVSS5.3AI score0.00444EPSS
CVE
CVE
added 2025/02/25 1:45 p.m.62 views

CVE-2024-51539

Dell Secure Connect Gateway (SCG) Application and Appliance versions prior to 5.28 are affected by an SQL injection due to improper neutralization of SQL elements. The vulnerability is exploitable locally by a high-privilege attacker, potentially leading to disclosure of non-sensitive information...

2.3CVSS7.3AI score0.00182EPSS
CVE
CVE
added 2024/10/18 4:34 p.m.57 views

CVE-2024-48016

CVE-2024-48016 affects Dell Secure Connect Gateway (SCG) 5.0 Appliance – SRS, 5.24. Root cause: use of a broken/risky cryptographic algorithm. Impact: potential information disclosure via remote access by a low-privileged attacker; attacker could use exposed credentials to access the system with ...

8.8CVSS6.6AI score0.00152EPSS
CVE
CVE
added 2021/11/20 1:40 a.m.56 views

CVE-2021-36340

Dell EMC SCG 5.00.00.10 and earlier are affected by CVE-2021-36340, a local sensitive information disclosure vulnerability that could allow a local attacker to read sensitive information. The initial description and connected records confirm affected product/version and impact; exploitation statu...

7.8CVSS5AI score0.00243EPSS
CVE
CVE
added 2025/03/19 3:20 p.m.52 views

CVE-2025-23382

Dell Secure Connect Gateway (SCG) 5.0 Appliance – SRS 5.26 is affected by an information disclosure vulnerability (Exposure of Sensitive System Information to an Unauthorized Control Sphere). A high-privilege attacker with remote access could potentially exploit this to obtain sensitive informati...

5.8CVSS5.3AI score0.00188EPSS
CVE
CVE
added 2023/02/17 6:12 a.m.51 views

CVE-2023-23695

Dell Secure Connect Gateway (SCG) v5.14.00.12 is affected by a broken cryptographic algorithm vulnerability that could enable remote, unauthenticated MitM attacks to extract sensitive data. This is documented across multiple sources (NVD, PRION, PRION-like entries, PT-2023-6682) and centers on SC...

5.9CVSS5.8AI score0.00424EPSS
CVE
CVE
added 2024/10/18 11:9 a.m.51 views

CVE-2024-47240

CVE-2024-47240 concerns Dell Secure Connect Gateway (SCG) version 5.24. The vulnerability is described as an incorrect default permissions issue, where a local attacker with low privileges can access the file system and potentially gain write access to unauthorized data, which could also cause a ...

6.3CVSS5.6AI score0.00184EPSS
CVE
CVE
added 2024/10/18 4:28 p.m.47 views

CVE-2024-47241

Dell Secure Connect Gateway (SCG) 5.0 Appliance — SRS 5.24 contains an Improper Certificate Validation vulnerability. A low-privileged, remote attacker could exploit a certificate validation error to gain unauthorized access and modify transmitted data. Affected: SCG 5.24 (SRS). Root cause: certi...

8.1CVSS6.9AI score0.00157EPSS
CVE
CVE
added 2023/06/01 3:58 p.m.38 views

CVE-2023-28043

Dell SCG 5.14 is affected by an information-disclosure vulnerability in the upgrade path from SRS to SCG. A remote, low-privileged attacker could potentially retrieve plaintext information. Affected component: Dell SCG/Policy Manager upgrade flow; root cause involves insufficient protection durin...

6.5CVSS6.2AI score0.00338EPSS
CVE
CVE
added 2025/10/30 3:22 p.m.17 views

CVE-2025-46363

Dell Secure Connect Gateway (SCG) 5.0 software and appliances 5.26.00.00–5.30.00.00 expose a Relative Path Traversal via an internal collection download REST API that is usable when enabled from the Admin UI. A low-privilege remote attacker could abuse this to access restricted resources. A remed...

4.3CVSS6.3AI score0.00275EPSS
CVE
CVE
added 2026/01/06 3:1 p.m.12 views

CVE-2025-46696

Summary: CVE-2025-46696 affects Dell Secure Connect Gateway (SCG) 5.0 Appliance and Application, versions 5.26–5.30, with an Execution with Unnecessary Privileges flaw that could enable Local Privilege Escalation by a high-privilege attacker with local access. Publicly reported details specify a ...

6.7CVSS6AI score0.00099EPSS
CVE
CVE
added 2026/04/01 7:27 a.m.11 views

CVE-2026-27101

Dell Secure Connect Gateway (SCG) 5.0 Appliance and Application versions 5.28.00.xx–5.32.00.xx are affected by a Path Traversal vulnerability. The issue stems from improper path filtering, enabling a high-privilege attacker within the management network to potentially achieve remote code executio...

7.2CVSS5.9AI score0.00381EPSS