Dell Secure Connect Gateway (SCG) 5.24 contains an Incorrect Default Permissions vulnerability. A local attacker with low privileges can access the file system and could potentially exploit this vulnerability to gain write access to unauthorized data and cause a version update failure condition.
History

Tue, 22 Oct 2024 15:45:00 +0000

Type Values Removed Values Added
First Time appeared Dell
Dell secure Connect Gateway
CPEs cpe:2.3:a:dell:secure_connect_gateway:5.24.00.14:*:*:*:*:*:*:*
Vendors & Products Dell
Dell secure Connect Gateway

Fri, 18 Oct 2024 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 18 Oct 2024 11:30:00 +0000

Type Values Removed Values Added
Description Dell Secure Connect Gateway (SCG) 5.24 contains an Incorrect Default Permissions vulnerability. A local attacker with low privileges can access the file system and could potentially exploit this vulnerability to gain write access to unauthorized data and cause a version update failure condition.
Weaknesses CWE-276
References
Metrics cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L'}


cve-icon MITRE

Status: PUBLISHED

Assigner: dell

Published: 2024-10-18T11:09:18.635Z

Updated: 2024-10-18T13:33:55.705Z

Reserved: 2024-09-23T05:36:07.683Z

Link: CVE-2024-47240

cve-icon Vulnrichment

Updated: 2024-10-18T13:33:51.706Z

cve-icon NVD

Status : Analyzed

Published: 2024-10-18T12:15:02.773

Modified: 2024-10-22T15:28:55.637

Link: CVE-2024-47240

cve-icon Redhat

No data.