Dell SCG, versions prior to 5.22.00.00, contain a SQL Injection Vulnerability in the SCG UI for an internal audit REST API. A remote authenticated attacker could potentially exploit this vulnerability, leading to the execution of certain SQL commands on the application's backend database causing potential unauthorized access and modification of application data.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Wed, 27 Aug 2025 16:15:00 +0000

Type Values Removed Values Added
First Time appeared Dell secure Connect Gateway Appliance
Dell secure Connect Gateway Application
CPEs cpe:2.3:a:dell:secure_connect_gateway_appliance:5.18.00.20:*:*:*:*:*:*:*
cpe:2.3:a:dell:secure_connect_gateway_application:5.18.00.20:*:*:*:*:*:*:*
Vendors & Products Dell secure Connect Gateway Appliance
Dell secure Connect Gateway Application
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 20 May 2025 18:30:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:dell:secure_connect_gateway:*:*:*:*:appliance:*:*:* cpe:2.3:a:dell:secure_connect_gateway:*:*:*:*:application:*:*:*
cpe:2.3:a:dell:secure_connect_gateway:*:*:*:*:virtual:*:*:*

Tue, 04 Feb 2025 17:45:00 +0000

Type Values Removed Values Added
First Time appeared Dell
Dell secure Connect Gateway
CPEs cpe:2.3:a:dell:secure_connect_gateway:*:*:*:*:appliance:*:*:*
Vendors & Products Dell
Dell secure Connect Gateway

cve-icon MITRE

Status: PUBLISHED

Assigner: dell

Published:

Updated: 2025-08-27T15:52:36.412Z

Reserved: 2024-03-18T08:44:18.922Z

Link: CVE-2024-29169

cve-icon Vulnrichment

Updated: 2024-08-02T01:10:54.105Z

cve-icon NVD

Status : Analyzed

Published: 2024-06-13T16:15:10.610

Modified: 2025-09-30T18:02:10.763

Link: CVE-2024-29169

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.