Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for an internal maintenance REST API (if enabled by Admin user from UI). A remote low privileged attacker could potentially exploit this vulnerability, leading to the execution of certain APIs applicable only for Admin Users on the application's backend database that could potentially allow an unauthorized user access to restricted resources and change of state.
History

Tue, 06 Aug 2024 17:00:00 +0000

Type Values Removed Values Added
First Time appeared Dell
Dell secure Connect Gateway
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:a:dell:secure_connect_gateway:*:*:*:*:*:*:*:*
Vendors & Products Dell
Dell secure Connect Gateway

cve-icon MITRE

Status: PUBLISHED

Assigner: dell

Published: 2024-06-13T14:57:23.532Z

Updated: 2024-08-02T01:03:51.273Z

Reserved: 2024-03-13T15:42:12.960Z

Link: CVE-2024-28967

cve-icon Vulnrichment

Updated: 2024-08-02T01:03:51.273Z

cve-icon NVD

Status : Modified

Published: 2024-06-13T15:15:51.660

Modified: 2024-11-21T09:07:17.290

Link: CVE-2024-28967

cve-icon Redhat

No data.