Vulnerabilities > Dell > Secure Connect Gateway
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-03-19 | CVE-2025-23382 | Exposure of System Data to an Unauthorized Control Sphere vulnerability in Dell Secure Connect Gateway 5.26.00.20 Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.26, contain(s) an Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability. | 5.8 |
| 2025-03-19 | CVE-2025-26475 | Improper Authentication vulnerability in Dell Secure Connect Gateway 5.26.00.20 Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.26, Enables Live-Restore setting which enhances security by keeping containers running during daemon restarts, reducing attack exposure, preventing accidental misconfigurations, and ensuring security controls remain active. | 5.5 |
| 2024-10-18 | CVE-2024-47241 | Improper Certificate Validation vulnerability in Dell Secure Connect Gateway 5.24.00.14 Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.24, contains an Improper Certificate Validation vulnerability. | 8.1 |
| 2024-10-18 | CVE-2024-48016 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Dell Secure Connect Gateway 5.24.00.14 Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.24, contains a Use of a Broken or Risky Cryptographic Algorithm vulnerability. | 8.8 |
| 2024-10-18 | CVE-2024-47240 | Incorrect Default Permissions vulnerability in Dell Secure Connect Gateway 5.24.00.14 Dell Secure Connect Gateway (SCG) 5.24 contains an Incorrect Default Permissions vulnerability. | 6.3 |
| 2024-06-13 | CVE-2024-29169 | SQL Injection vulnerability in Dell Secure Connect Gateway Dell SCG, versions prior to 5.22.00.00, contain a SQL Injection Vulnerability in the SCG UI for an internal audit REST API. | 8.1 |
| 2024-06-13 | CVE-2024-28965 | Unspecified vulnerability in Dell Secure Connect Gateway 5.18.00.20/5.22.00.18 Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for an internal enable REST API (if enabled by Admin user from UI). | 5.4 |
| 2024-06-13 | CVE-2024-28966 | Unspecified vulnerability in Dell Secure Connect Gateway 5.18.00.20/5.22.00.18 Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for an internal update REST API (if enabled by Admin user from UI). | 5.4 |
| 2024-06-13 | CVE-2024-28967 | Unspecified vulnerability in Dell Secure Connect Gateway 5.18.00.20/5.22.00.18 Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for an internal maintenance REST API (if enabled by Admin user from UI). | 5.4 |
| 2024-06-13 | CVE-2024-28968 | Unspecified vulnerability in Dell Secure Connect Gateway 5.18.00.20/5.22.00.18 Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for internal email and collection settings REST APIs (if enabled by Admin user from UI). | 5.4 |