Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-24900

Dell Secure Connect Gateway (SCG) Policy Manager, all versions, contain an improper authorization vulnerability. An adjacent network low privileged attacker could potentially exploit this vulnerability, leading to unauthorized devices added to policies. Exploitation may lead to information disclosure and unauthorized access to the system.

Published

2024-03-01T13:15:08.090

Last Modified

2025-05-20T18:54:40.643

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 5.8 (MEDIUM)

Weaknesses

Type: Secondary
CWE-285
Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	dell	policy_manager_for_secure_connect_gateway	< 5.22.00.16	Yes

References

https://www.dell.com/support/kbdoc/en-us/000222330/dsa-2024-077-security-update-for-dell-secure-connect-gateway-policy-manager-vulnerabilities Patch, Vendor Advisory ([email protected])
https://www.dell.com/support/kbdoc/en-us/000222330/dsa-2024-077-security-update-for-dell-secure-connect-gateway-policy-manager-vulnerabilities Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)