Broken Cryptographic Algorithm in Dell SCG Policy Manager
CVE-2023-39252

5.9MEDIUM

Key Information:

Vendor: Dell
Status: Secure Connect Gateway (scg) Policy Manager
Vendor: CVE Published:; 21 September 2023

What is CVE-2023-39252?

The Dell SCG Policy Manager version 5.16.00.14 is susceptible to a vulnerability stemming from a broken cryptographic algorithm. This flaw allows remote unauthenticated attackers to conduct Man-in-the-Middle (MitM) attacks, potentially granting them access to sensitive information. It is critical for users to apply necessary security updates and protect their environments against this susceptibility.

Affected Version(s)

Secure Connect Gateway (SCG) Policy Manager 5.16.00.14

References

https://www.dell.com/support/kbdoc/en-us/000217683/dsa-20...

vendor-advisory

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 21, 2023
Vulnerability Reserved
Jul 26, 2023