Sensitive Information Disclosure in Dell EMC Secure Connect Gateway
CVE-2021-36340

5.5MEDIUM

Key Information:

Vendor: Dell
Status: Secure Connect Gateway (scg) 5.0 Application
Vendor: CVE Published:; 20 November 2021

What is CVE-2021-36340?

The Dell EMC Secure Connect Gateway versions 5.00.00.10 and earlier are susceptible to a vulnerability that allows a local malicious user to access and read sensitive information. This security flaw poses a risk, potentially enabling unauthorized access to sensitive data, which could be abused by an attacker. It is crucial for users to be aware of this vulnerability and apply necessary updates to mitigate potential threats.

Affected Version(s)

Secure Connect Gateway (SCG) 5.0 Application < 5.00.05.10

References

https://www.dell.com/support/kbdoc/en-us/000193601/dsa-20...

x_refsource_MISC

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 20, 2021
Vulnerability Reserved
Jul 8, 2021

JSON