cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-29169,https://securityvulnerability.io/vulnerability/CVE-2024-29169,Dell SCG Vulnerable to SQL Injection Attacks,"Dell Secure Connect Gateway, prior to version 5.22.00.00, is susceptible to a SQL Injection vulnerability within its internal audit REST API. This flaw allows a remote authenticated attacker to exploit the SCG user interface, enabling them to execute arbitrary SQL commands on the backend database. Successful exploitation could lead to unauthorized access and potential modification of critical application data, posing significant risks to data integrity and confidentiality.",Dell,"Secure Connect Gateway-application,Secure Connect Gateway-appliance",8.1,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-06-13T15:13:44.030Z,0
CVE-2024-29168,https://securityvulnerability.io/vulnerability/CVE-2024-29168,Dell SCG Vulnerable to SQL Injection Attacks,"The vulnerability in the Dell Secure Connect Gateway (SCG) allows remote authenticated attackers to exploit a SQL injection flaw in the SCG UI's internal assets REST API. By injecting certain SQL commands, an attacker could manipulate the backend database, potentially leading to unauthorized access and modifications of application data. Users of versions prior to 5.22.00.00 are particularly at risk and are advised to implement security measures promptly.",Dell,"Secure Connect Gateway-application,Secure Connect Gateway-appliance",8.8,HIGH,0.0005000000237487257,false,,false,false,false,,,false,false,,2024-06-13T15:09:31.764Z,0
CVE-2024-28969,https://securityvulnerability.io/vulnerability/CVE-2024-28969,Dell SCG Vulnerability Could Allow Unauthorized Access to Restricted Resources,"Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for an internal update REST API (if enabled by Admin user from UI). A remote low privileged attacker could potentially exploit this vulnerability, leading to the execution of certain APIs applicable only for Admin Users on the application's backend database that could potentially allow an unauthorized user access to restricted resources.",Dell,"Secure Connect Gateway-application,Secure Connect Gateway-appliance",4.3,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-06-13T15:05:01.940Z,0
CVE-2024-28968,https://securityvulnerability.io/vulnerability/CVE-2024-28968,Dell SCG Vulnerable to Improper Access Control,"Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for internal email and collection settings REST APIs (if enabled by Admin user from UI). A remote low privileged attacker could potentially exploit this vulnerability, leading to the execution of certain APIs applicable only for Admin Users on the application's backend database that could potentially allow an unauthorized user access to restricted resources and change of state.",Dell,"Secure Connect Gateway-application,Secure Connect Gateway-appliance",5.4,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-06-13T15:01:22.196Z,0
CVE-2024-28967,https://securityvulnerability.io/vulnerability/CVE-2024-28967,Dell SCG Vulnerability Could Lead to Unauthorized Access to Restricted Resources,"Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for an internal maintenance REST API (if enabled by Admin user from UI). A remote low privileged attacker could potentially exploit this vulnerability, leading to the execution of certain APIs applicable only for Admin Users on the application's backend database that could potentially allow an unauthorized user access to restricted resources and change of state.",Dell,"Secure Connect Gateway-application,Secure Connect Gateway-appliance",5.4,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-06-13T14:57:23.532Z,0
CVE-2024-28966,https://securityvulnerability.io/vulnerability/CVE-2024-28966,Dell SCG Vulnerable to Improper Access Control,"Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for an internal update REST API (if enabled by Admin user from UI). A remote low privileged attacker could potentially exploit this vulnerability, leading to the execution of certain APIs applicable only for Admin Users on the application's backend database that could potentially allow an unauthorized user access to restricted resources and change of state.",Dell,"Secure Connect Gateway-application,Secure Connect Gateway-appliance",5.4,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-06-13T14:51:28.103Z,0
CVE-2024-28965,https://securityvulnerability.io/vulnerability/CVE-2024-28965,Dell SCG Vulnerable to Improper Access Control,"Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for an internal enable REST API (if enabled by Admin user from UI). A remote low privileged attacker could potentially exploit this vulnerability, leading to the execution of certain Internal APIs applicable only for Admin Users on the application's backend database that could potentially allow an unauthorized user access to restricted resources and change of state.",Dell,"Secure Connect Gateway-application,Secure Connect Gateway-appliance",5.4,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-06-13T14:47:29.267Z,0
CVE-2023-44294,https://securityvulnerability.io/vulnerability/CVE-2023-44294,Dell Secure Connect Gateway Vulnerability Could Lead to Information Disclosure,"A security concern has been identified in the Dell Secure Connect Gateway Application and Appliance, specifically within versions ranging from v5.10.00.00 to v5.18.00.00. This vulnerability allows a malicious user, who has a valid user session, to inject malicious content into the filters of the Collection Rest API. Consequently, this could lead to inadvertent disclosure of sensitive information from the product's database, raising significant security risks for users relying on these applications.",Dell,"Secure Connect Gateway-application,Secure Connect Gateway-appliance",6.5,MEDIUM,0.0005200000014156103,false,,false,false,false,,,false,false,,2024-02-14T08:24:00.579Z,0
CVE-2023-44293,https://securityvulnerability.io/vulnerability/CVE-2023-44293,Dell Secure Connect Gateway Vulnerability Could Lead to Information Disclosure,"A vulnerability exists in the Dell Secure Connect Gateway Application and Appliance, particularly affecting versions between v5.10.00.00 and v5.18.00.00. This security issue allows an authenticated malicious user to inject harmful content into the filters of the IP Range Rest API. As a result, there is a risk of unintentional information disclosure from the product's database, posing potential security and privacy risks to users. It is imperative for organizations using these affected versions to assess their exposure and apply necessary updates to mitigate the risk associated with this vulnerability.",Dell,"Secure Connect Gateway-application,Secure Connect Gateway-appliance",6.5,MEDIUM,0.0005200000014156103,false,,false,false,false,,,false,false,,2024-02-14T08:05:10.270Z,0
CVE-2021-36340,https://securityvulnerability.io/vulnerability/CVE-2021-36340,Sensitive Information Disclosure in Dell EMC Secure Connect Gateway,"The Dell EMC Secure Connect Gateway versions 5.00.00.10 and earlier are susceptible to a vulnerability that allows a local malicious user to access and read sensitive information. This security flaw poses a risk, potentially enabling unauthorized access to sensitive data, which could be abused by an attacker. It is crucial for users to be aware of this vulnerability and apply necessary updates to mitigate potential threats.",Dell,Secure Connect Gateway (scg) 5.0 Application,7.8,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-11-20T02:15:00.000Z,0