← Volver a CVEs
CVE-2024-24900
MEDIUM5.8
Descripcion
Dell Secure Connect Gateway (SCG) Policy Manager, all versions, contain an improper authorization vulnerability. An adjacent network low privileged attacker could potentially exploit this vulnerability, leading to unauthorized devices added to policies. Exploitation may lead to information disclosure and unauthorized access to the system.
Detalles CVE
Puntuacion CVSS v3.15.8
SeveridadMEDIUM
Vector CVSSCVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N
Vector de ataqueADJACENT_NETWORK
ComplejidadLOW
Privilegios requeridosLOW
Interaccion usuarioREQUIRED
Publicado3/1/2024
Ultima modificacion5/20/2025
Fuentenvd
Avistamientos honeypot0
Productos afectados
dell:policy_manager_for_secure_connect_gateway
Debilidades (CWE)
CWE-285
Referencias
https://www.dell.com/support/kbdoc/en-us/000222330/dsa-2024-077-security-update-for-dell-secure-connect-gateway-policy-manager-vulnerabilities(security_alert@emc.com)
https://www.dell.com/support/kbdoc/en-us/000222330/dsa-2024-077-security-update-for-dell-secure-connect-gateway-policy-manager-vulnerabilities(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.