Dell Edge Gateway 5200 Vulnerability Could Lead to Information Exposure

CVE-2024-38296

6.7MEDIUM

Key Information

Vendor: Dell
Status: Edge Gateway 5200
Vendor: CVE Published:; 22 November 2024

Summary

Dell Edge Gateway 3200, versions prior to 15.40.30.2879, and Edge Gateway 5200, versions prior to 12.0.94.2380, contain an Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to information exposure.

Affected Version(s)

Edge Gateway 5200 < 12.0.94.2380

References

https://www.dell.com/support/kbdoc/en-us/000250949/dsa-20...

vendor-advisory

CVSS V3.1

Score:

6.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 22, 2024
Vulnerability Reserved
Jun 13, 2024

Collectors

NVD DatabaseMitre Database

Credit

Dell would like to thank the Eclypsium Research Team for reporting this issue