Lucene search

DellCVELIST:CVE-2024-22458

HistoryMar 01, 2024 - 10:57 a.m.

CVE-2024-22458

2024-03-0110:57:47

CWE-327

dell

www.cve.org

dell secure connect gateway

5.18

inadequate encryption strength

vulnerability

3.7 Low

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

4.6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

JSON

Dell Secure Connect Gateway, 5.18, contains an Inadequate Encryption Strength Vulnerability. An unauthenticated network attacker could potentially exploit this vulnerability, allowing an attacker to recover plaintext from a block of ciphertext.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Secure Connect Gateway (SCG) 5.0 Appliance - SRS",
    "vendor": "Dell",
    "versions": [
      {
        "status": "affected",
        "version": "5.20.00.10"
      }
    ]
  }
]

References

www.dell.com/support/kbdoc/en-us/000222433/dsa-2024-076-security-update-for-dell-secure-connect-gateway-appliance-vulnerabilities

3.7 Low

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

4.6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

JSON

Related for CVELIST:CVE-2024-22458