CVE-2024-47240

Published: Oct 18, 2024Modified: Oct 22, 2024

6.3

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Exploitability: 2.8 / Impact: 3.4

Source: NVD

Description

Dell Secure Connect Gateway (SCG) 5.24 contains an Incorrect Default Permissions vulnerability. A local attacker with low privileges can access the file system and could potentially exploit this vulnerability to gain write access to unauthorized data and cause a version update failure condition.

Affected (1)

Products: Dell: Secure Connect Gateway

1 product

Secure Connect Gateway

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Dell Secure Connect Gateway	Version 5.24.00.14

Related CWEs

Incorrect Default Permissions

During installation, installed file permissions are set to allow anyone to modify those files.

References (1)

https://www.dell.com/support/kbdoc/en-us/000237211/dsa-2024-407-dell-secure-connect-gateway-security-update-for-multiple-third-party-component-vulnerabilities

Source: security_alert@emc.com

Vendor Advisory

Timeline

No history available yet.