Vulnerabilities > Dell > Secure Connect Gateway > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-18 | CVE-2024-47240 | Incorrect Default Permissions vulnerability in Dell Secure Connect Gateway 5.24.00.14 Dell Secure Connect Gateway (SCG) 5.24 contains an Incorrect Default Permissions vulnerability. | 6.3 |
| 2024-06-13 | CVE-2024-28965 | Unspecified vulnerability in Dell Secure Connect Gateway 5.18.00.20/5.22.00.18 Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for an internal enable REST API (if enabled by Admin user from UI). | 5.4 |
| 2024-06-13 | CVE-2024-28966 | Unspecified vulnerability in Dell Secure Connect Gateway 5.18.00.20/5.22.00.18 Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for an internal update REST API (if enabled by Admin user from UI). | 5.4 |
| 2024-06-13 | CVE-2024-28967 | Unspecified vulnerability in Dell Secure Connect Gateway 5.18.00.20/5.22.00.18 Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for an internal maintenance REST API (if enabled by Admin user from UI). | 5.4 |
| 2024-06-13 | CVE-2024-28968 | Unspecified vulnerability in Dell Secure Connect Gateway 5.18.00.20/5.22.00.18 Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for internal email and collection settings REST APIs (if enabled by Admin user from UI). | 5.4 |
| 2024-06-13 | CVE-2024-28969 | Unspecified vulnerability in Dell Secure Connect Gateway 5.18.00.20/5.22.00.18 Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for an internal update REST API (if enabled by Admin user from UI). | 4.3 |
| 2024-03-01 | CVE-2024-22458 | Unspecified vulnerability in Dell Secure Connect Gateway 5.18.00.20/5.20.00.10 Dell Secure Connect Gateway, 5.18, contains an Inadequate Encryption Strength Vulnerability. | 5.3 |
| 2024-02-14 | CVE-2023-44294 | Unspecified vulnerability in Dell Secure Connect Gateway In Dell Secure Connect Gateway Application and Secure Connect Gateway Appliance (between v5.10.00.00 and v5.18.00.00), a security concern has been identified, where a malicious user with a valid User session may inject malicious content in filters of Collection Rest API. | 6.5 |
| 2024-02-14 | CVE-2023-44293 | Unspecified vulnerability in Dell Secure Connect Gateway In Dell Secure Connect Gateway Application and Secure Connect Gateway Appliance (between v5.10.00.00 and v5.18.00.00), a security concern has been identified, where a malicious user with a valid User session may inject malicious content in filters of IP Range Rest API. This issue may potentially lead to unintentional information disclosure from the product database. | 6.5 |
| 2023-06-01 | CVE-2023-28043 | Unspecified vulnerability in Dell Secure Connect Gateway 5.14.00.16 Dell SCG 5.14 contains an information disclosure vulnerability during the SRS to SCG upgrade path. | 6.5 |