#VU96284 Improper access control in Dell Secure Connect Gateway - CVE-2024-28966


Vulnerability identifier: #VU96284

Vulnerability risk: Low

CVSSv4.0: 1.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-28966

CWE-ID: CWE-284

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Dell Secure Connect Gateway
Server applications / Other server solutions

Vendor: Dell

Description

The vulnerability allows a remote user to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists because Secure Connect Gateway (SCG) exposes an internal update REST API once an Admin user enables it from the UI, without enforcing the Admin role on the API itself. A remote authenticated user with lower privileges can call APIs intended only for Admin users against the application's backend database, potentially gaining access to restricted resources and changing application state.
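The following is an added illustration of the access-control pattern behind this advisory (CWE-284), not Dell's code: an internal update API that an Admin can switch on, after which the only check at the API layer is "is the caller authenticated", so a low-privileged user can reach Admin-only operations that change backend state. The endpoint paths, role names, backend fields and the `probe_admin_only` check are all hypothetical; the hardened variant enforces the role at dispatch time, independent of the UI and of the feature flag.

```python
# Added example (hypothetical model, not Dell SCG code) of an internal REST API
# gated by an Admin-set feature flag but lacking an authorization check.
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional, Tuple

ADMIN, USER = "admin", "user"          # assumed two-role model


@dataclass(frozen=True)
class Principal:
    name: str
    role: str                           # ADMIN or USER


@dataclass
class Response:
    status: int
    body: str = ""


Route = Tuple[str, str]                 # (method, path)
Params = Dict[str, str]


class Gateway:
    """In-process model of the update-API surface.

    enforce_roles=False reproduces the flaw: the API layer checks that the
    caller is authenticated but never checks the caller's role, relying on
    the UI (and the feature flag) to keep non-Admins away from the endpoint.
    """

    def __init__(self, enforce_roles: bool) -> None:
        self.enforce_roles = enforce_roles
        self.internal_update_api_enabled = False
        # Constructed backend "database" state that the update API mutates.
        self.db: Dict[str, str] = {"update_channel": "stable", "proxy": "none"}
        # route -> (handler, minimum role). The minimum role is what the UI
        # assumes; the vulnerable variant never consults it at the API layer.
        self.routes: Dict[Route, Tuple[Callable[[Principal, Params], Response], str]] = {
            ("GET", "/api/status"): (self._status, USER),
            ("POST", "/api/internal/update"): (self._internal_update, ADMIN),
        }

    def admin_enable_internal_update_api(self, who: Principal) -> None:
        """The UI action the advisory mentions: an Admin turns the API on."""
        if who.role != ADMIN:
            raise PermissionError("only Admin may enable the internal update API")
        self.internal_update_api_enabled = True

    def handle(self, principal: Optional[Principal], method: str, path: str,
               params: Optional[Params] = None) -> Response:
        params = params or {}
        if principal is None:
            return Response(401, "authentication required")
        route = self.routes.get((method, path))
        if route is None:
            return Response(404, "no such route")
        handler, min_role = route
        # Hardened behaviour: authorization enforced here, regardless of the UI
        # and regardless of whether the feature flag is on.
        if self.enforce_roles and min_role == ADMIN and principal.role != ADMIN:
            return Response(403, "admin role required")
        return handler(principal, params)

    def _status(self, who: Principal, params: Params) -> Response:
        return Response(200, f"update_channel={self.db['update_channel']}")

    def _internal_update(self, who: Principal, params: Params) -> Response:
        # The feature flag only controls exposure; it is not an authorization
        # check. Once an Admin enables it, any authenticated caller gets here.
        if not self.internal_update_api_enabled:
            return Response(404, "internal update API disabled")
        for key, value in params.items():
            if key in self.db:
                self.db[key] = value            # state change on the backend
        return Response(200, "updated")


def probe_admin_only(gw: Gateway, low_priv: Principal,
                     admin_only: List[Tuple[str, str, Params]]) -> List[Route]:
    """Privilege-separation check: call each Admin-only route as a low-privilege
    user and report those that succeed (2xx). Run this against a test instance,
    since a hit means the call may have changed state."""
    hits: List[Route] = []
    for method, path, params in admin_only:
        if 200 <= gw.handle(low_priv, method, path, params).status < 300:
            hits.append((method, path))
    return hits


def demo() -> Dict[str, Dict[str, object]]:
    """Compare the vulnerable and hardened gateways under the same sequence."""
    admin = Principal("ops-admin", ADMIN)
    user = Principal("readonly-user", USER)
    probe = [("POST", "/api/internal/update", {"update_channel": "attacker-mirror"})]
    results: Dict[str, Dict[str, object]] = {}
    for label, enforce in (("vulnerable", False), ("hardened", True)):
        gw = Gateway(enforce_roles=enforce)
        before = gw.handle(user, "POST", "/api/internal/update", {"proxy": "x"}).status
        gw.admin_enable_internal_update_api(admin)      # Admin flips the flag in the UI
        hits = probe_admin_only(gw, user, probe)
        results[label] = {"before_enable": before, "hits": hits,
                          "update_channel": gw.db["update_channel"]}
    return results


if __name__ == "__main__":
    print(demo())
```

In the vulnerable variant the low-privileged user is blocked only while the flag is off (a 404 from the handler, not a 403 from the dispatcher); as soon as an Admin enables the API the same user rewrites `update_channel`. The hardened variant returns 403 in both states because the role check lives in `handle`, which is the property a fix for this class of bug must restore.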

Mitigation
Install updates from the vendor's website.

Vulnerable software versions

Dell Secure Connect Gateway: before 5.24.00.00


External links
https://www.dell.com/support/kbdoc/en-us/000225910/dsa-2024-181-security-update-for-dell-secure-connect-gateway-application-and-appliance-vulnerabilities


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

