Broken Cryptographic Algorithm in Dell Secure Connect Gateway Affecting Sensitive Data
CVE-2023-23695

5.9MEDIUM

Key Information:

Vendor: Dell
Status: Secure Connect Gateway (SCG) 5.0 Appliance - SRS
Vendor: CVE Published:; 17 February 2023

Summary

Dell Secure Connect Gateway version 5.14.00.12 contains a vulnerability related to a broken cryptographic algorithm. This flaw allows remote unauthenticated attackers to exploit the system through Man-in-the-Middle (MitM) attacks. If successfully executed, attackers may gain access to sensitive information, posing significant risks to data integrity and confidentiality. Users of affected versions are strongly advised to apply security updates to mitigate potential threats.

Affected Version(s)

Secure Connect Gateway (SCG) 5.0 Appliance - SRS 5.14.00.12

References

https://www.dell.com/support/kbdoc/en-us/000208462/dsa-20...

vendor-advisory

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 17, 2023
Vulnerability Reserved
Jan 17, 2023