CVE-2024-47240

Dell Secure Connect Gateway (SCG) 5.24 contains an Incorrect Default Permissions vulnerability. A local attacker with low privileges can access the file system and could potentially exploit this vulnerability to gain write access to unauthorized data and cause a version update failure condition.
Configurations

Configuration 1 (hide)

cpe:2.3:a:dell:secure_connect_gateway:5.24.00.14:*:*:*:*:*:*:*

History

22 Oct 2024, 15:28

Type Values Removed Values Added
References () https://www.dell.com/support/kbdoc/en-us/000237211/dsa-2024-407-dell-secure-connect-gateway-security-update-for-multiple-third-party-component-vulnerabilities - () https://www.dell.com/support/kbdoc/en-us/000237211/dsa-2024-407-dell-secure-connect-gateway-security-update-for-multiple-third-party-component-vulnerabilities - Vendor Advisory
CVSS v2 : unknown
v3 : 5.5
v2 : unknown
v3 : 6.3
First Time Dell
Dell secure Connect Gateway
CPE cpe:2.3:a:dell:secure_connect_gateway:5.24.00.14:*:*:*:*:*:*:*
Summary
  • (es) Dell Secure Connect Gateway (SCG) 5.24 contiene una vulnerabilidad de permisos predeterminados incorrectos. Un atacante local con privilegios bajos puede acceder al sistema de archivos y podría aprovechar esta vulnerabilidad para obtener acceso de escritura a datos no autorizados y provocar una condición de error en la actualización de la versión.

18 Oct 2024, 12:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-10-18 12:15

Updated : 2024-10-22 15:28


NVD link : CVE-2024-47240

Mitre link : CVE-2024-47240

CVE.ORG link : CVE-2024-47240


JSON object : View

Products Affected

dell

  • secure_connect_gateway
CWE
CWE-276

Incorrect Default Permissions