Vulnerabilities > Dell > Secure Connect Gateway > 5.18.00.20
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-13 | CVE-2024-28965 | Unspecified vulnerability in Dell Secure Connect Gateway 5.18.00.20/5.22.00.18 Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for an internal enable REST API (if enabled by Admin user from UI). | 5.4 |
| 2024-06-13 | CVE-2024-28966 | Unspecified vulnerability in Dell Secure Connect Gateway 5.18.00.20/5.22.00.18 Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for an internal update REST API (if enabled by Admin user from UI). | 5.4 |
| 2024-06-13 | CVE-2024-28967 | Unspecified vulnerability in Dell Secure Connect Gateway 5.18.00.20/5.22.00.18 Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for an internal maintenance REST API (if enabled by Admin user from UI). | 5.4 |
| 2024-06-13 | CVE-2024-28968 | Unspecified vulnerability in Dell Secure Connect Gateway 5.18.00.20/5.22.00.18 Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for internal email and collection settings REST APIs (if enabled by Admin user from UI). | 5.4 |
| 2024-06-13 | CVE-2024-28969 | Unspecified vulnerability in Dell Secure Connect Gateway 5.18.00.20/5.22.00.18 Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for an internal update REST API (if enabled by Admin user from UI). | 4.3 |
| 2024-06-13 | CVE-2024-29168 | Unspecified vulnerability in Dell Secure Connect Gateway 5.18.00.20/5.22.00.18 Dell SCG, versions prior to 5.22.00.00, contain a SQL Injection Vulnerability in the SCG UI for an internal assets REST API. | 8.8 |
| 2024-03-01 | CVE-2024-24903 | Unspecified vulnerability in Dell Secure Connect Gateway Dell Secure Connect Gateway (SCG) Policy Manager, version 5.10+, contain a weak password recovery mechanism for forgotten passwords. low complexity dell | 8.0 |
| 2024-03-01 | CVE-2024-24904 | Unspecified vulnerability in Dell Secure Connect Gateway Dell Secure Connect Gateway (SCG) Policy Manager, all versions, contain(s) a Stored Cross-Site Scripting Vulnerability. low complexity dell | 7.6 |
| 2024-03-01 | CVE-2024-24905 | Unspecified vulnerability in Dell Secure Connect Gateway Dell Secure Connect Gateway (SCG) Policy Manager, all versions, contain(s) a Stored Cross-Site Scripting Vulnerability. low complexity dell | 7.6 |
| 2024-03-01 | CVE-2024-24907 | Unspecified vulnerability in Dell Secure Connect Gateway Dell Secure Connect Gateway (SCG) Policy Manager, all versions, contain(s) a Stored Cross-Site Scripting Vulnerability in the Filters page. low complexity dell | 7.6 |