Low Privilege Attacker Could Discover Exposed Credentials and Access the System
CVE-2024-48016

8.8HIGH

Key Information:

Vendor: Dell
Status: Secure Connect Gateway
Vendor: CVE Published:; 18 October 2024

Summary

The vulnerability identified in the Dell Secure Connect Gateway 5.0 Appliance - SRS version 5.24 arises from the use of a broken or risky cryptographic algorithm. This flaw enables a low privileged attacker with remote access to potentially exploit the vulnerability, which may lead to unauthorized information disclosure. The exposed credentials could allow the attacker to gain access to the system as the compromised account, thereby raising significant security concerns.

References

https://www.dell.com/support/kbdoc/en-us/000237211/dsa-20...

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 18, 2024