DSA-2025-390: Dell Secure Connect Gateway Security Update for Multiple Third-Party Component Vulnerabilities
Shrnutí: Dell Secure Connect Gateway contains remediation for multiple vulnerabilities that could be exploited by malicious users to compromise the affected system.
Tento článek se vztahuje na
Tento článek se nevztahuje na
Tento článek není vázán na žádný konkrétní produkt.
V tomto článku nejsou uvedeny všechny verze produktu.
Vliv
Critical
Podrobnosti
| Third-Party Component | CVE | More Information |
| Apache2 | CVE-2024-42516, CVE-2024-43204, CVE-2024-47252, CVE-2025-23048, CVE-2025-49630, CVE-2025-49812, CVE-2025-53020, CVE-2025-47947, CVE-2025-48866, CVE-2025-54571 | https://nvd.nist.gov/vuln/search |
| Boost | CVE-2016-9840 | https://nvd.nist.gov/vuln/search |
| commons | CVE-2025-48976, CVE-2025-48924 | https://nvd.nist.gov/vuln/search |
| coreutils-8.32-150400.9.9.1 | CVE-2025-5278 | https://nvd.nist.gov/vuln/search |
| libcurl | CVE-2024-6874, CVE-2025-0665, CVE-2025-4947, CVE-2025-5025, CVE-2025-5399, CVE-2025-9086, CVE-2025-10148 | https://nvd.nist.gov/vuln/search |
| docker | CVE-2025-0495, CVE-2025-22872, CVE-2025-54388 | https://nvd.nist.gov/vuln/search |
| esapi | CVE-2025-5878 | https://nvd.nist.gov/vuln/search |
| exim | CVE-2024-39929 | https://nvd.nist.gov/vuln/search |
| glib2 | CVE-2025-4373, CVE-2025-6052 | https://nvd.nist.gov/vuln/search |
| glibc | CVE-2025-8058 | https://nvd.nist.gov/vuln/search |
| gpg2 | CVE-2025-30258 | https://nvd.nist.gov/vuln/search |
| grub2 | CVE-2024-56738 | https://nvd.nist.gov/vuln/search |
| iputils | CVE-2025-48964 | https://nvd.nist.gov/vuln/search |
| libjq1 | CVE-2024-23337, CVE-2025-48060 | https://nvd.nist.gov/vuln/search |
| kernel | CVE-2023-52888, CVE-2023-53146, CVE-2023-53324, CVE-2023-53325, CVE-2023-53328, CVE-2023-53331, CVE-2023-53333, CVE-2023-53336, CVE-2023-53338, CVE-2023-53339, CVE-2023-53342, CVE-2023-53343, CVE-2023-53350, CVE-2023-53352, CVE-2023-53354, CVE-2023-53356, CVE-2023-53357, CVE-2023-53360, CVE-2023-53362, CVE-2023-53364, CVE-2023-53365, CVE-2023-53367, CVE-2023-53368, CVE-2023-53369, CVE-2023-53370, CVE-2023-53371, CVE-2023-53374, CVE-2023-53377, CVE-2023-53379, CVE-2023-53380, CVE-2023-53384, CVE-2023-53385, CVE-2023-53386, CVE-2023-53391, CVE-2023-53394, CVE-2023-53395, CVE-2023-53397, CVE-2023-53401, CVE-2023-53420, CVE-2023-53421, CVE-2023-53424, CVE-2023-53425, CVE-2023-53426, CVE-2023-53428, CVE-2023-53429, CVE-2023-53432, CVE-2023-53436, CVE-2023-53438, CVE-2023-53441, CVE-2023-53442, CVE-2023-53444, CVE-2023-53446, CVE-2023-53447, CVE-2023-53448, CVE-2023-53451, CVE-2023-53454, CVE-2023-53456, CVE-2023-53457, CVE-2023-53461, CVE-2023-53462, CVE-2023-53463, CVE-2023-53465, CVE-2023-53472, CVE-2023-53479, CVE-2023-53480, CVE-2023-53485, CVE-2023-53487, CVE-2023-53488, CVE-2023-53490, CVE-2023-53491, CVE-2023-53492, CVE-2023-53493, CVE-2023-53495, CVE-2023-53496, CVE-2023-53500, CVE-2023-53501, CVE-2023-53504, CVE-2023-53505, CVE-2023-53507, CVE-2023-53508, CVE-2023-53510, CVE-2023-53515, CVE-2023-53516, CVE-2023-53518, CVE-2023-53519, CVE-2023-53520, CVE-2023-53523, CVE-2023-53526, CVE-2023-53527, CVE-2023-53528, CVE-2023-53530, CVE-2023-53531, CVE-2024-26584, CVE-2024-26831, CVE-2024-28956, CVE-2024-43869, CVE-2024-46713, CVE-2024-49568, CVE-2024-50106, CVE-2024-50223, CVE-2024-53135, CVE-2024-54458, CVE-2024-56613, CVE-2024-56699, CVE-2024-57982, CVE-2024-58053, CVE-2024-58090, CVE-2024-58098, CVE-2024-58099, CVE-2024-58100, CVE-2024-58237, CVE-2024-58240, CVE-2025-21629, CVE-2025-21648, CVE-2025-21658, CVE-2025-21702, CVE-2025-21720, CVE-2025-21787, CVE-2025-21814, CVE-2025-21868, CVE-2025-21898, CVE-2025-21899, CVE-2025-21919, CVE-2025-21920, CVE-2025-21938, CVE-2025-21959, CVE-2025-21997, CVE-2025-22005, CVE-2025-22021, CVE-2025-22022, CVE-2025-22030, CVE-2025-22035, CVE-2025-22056, CVE-2025-22057, CVE-2025-22063, CVE-2025-22066, CVE-2025-22070, CVE-2025-22083, CVE-2025-22089, CVE-2025-22095, CVE-2025-22103, CVE-2025-22111, CVE-2025-22113, CVE-2025-22119, CVE-2025-22120, CVE-2025-22124, CVE-2025-22125, CVE-2025-22126, CVE-2025-23140, CVE-2025-23141, CVE-2025-23142, CVE-2025-23144, CVE-2025-23146, CVE-2025-23147, CVE-2025-23148, CVE-2025-23149, CVE-2025-23150, CVE-2025-23151, CVE-2025-23155, CVE-2025-23156, CVE-2025-23157, CVE-2025-23158, CVE-2025-23159, CVE-2025-23160, CVE-2025-23161, CVE-2025-37738, CVE-2025-37740, CVE-2025-37741, CVE-2025-37742, CVE-2025-37743, CVE-2025-37747, CVE-2025-37748, CVE-2025-37749, CVE-2025-37750, CVE-2025-37752, CVE-2025-37754, CVE-2025-37755, CVE-2025-37756, CVE-2025-37757, CVE-2025-37758, CVE-2025-37765, CVE-2025-37766, CVE-2025-37767, CVE-2025-37768, CVE-2025-37769, CVE-2025-37770, CVE-2025-37771, CVE-2025-37772, CVE-2025-37773, CVE-2025-37780, CVE-2025-37781, CVE-2025-37786, CVE-2025-37787, CVE-2025-37788, CVE-2025-37789, CVE-2025-37790, CVE-2025-37792, CVE-2025-37793, CVE-2025-37794, CVE-2025-37796, CVE-2025-37797, CVE-2025-37798, CVE-2025-37800, CVE-2025-37801, CVE-2025-37803, CVE-2025-37805, CVE-2025-37809, CVE-2025-37810, CVE-2025-37811, CVE-2025-37812, CVE-2025-37815, CVE-2025-37819, CVE-2025-37820, CVE-2025-37823, CVE-2025-37824, CVE-2025-37829, CVE-2025-37830, CVE-2025-37831, CVE-2025-37833, CVE-2025-37836, CVE-2025-37839, CVE-2025-37840, CVE-2025-37841, CVE-2025-37842, CVE-2025-37844, CVE-2025-37849, CVE-2025-37850, CVE-2025-37851, CVE-2025-37852, CVE-2025-37853, CVE-2025-37854, CVE-2025-37858, CVE-2025-37859, CVE-2025-37862, CVE-2025-37865, CVE-2025-37867, CVE-2025-37870, CVE-2025-37871, CVE-2025-37873, CVE-2025-37874, CVE-2025-37875, CVE-2025-37879, CVE-2025-37881, CVE-2025-37884, CVE-2025-37886, CVE-2025-37887, CVE-2025-37889, CVE-2025-37890, CVE-2025-37891, CVE-2025-37892, CVE-2025-37897, CVE-2025-37900, CVE-2025-37901, CVE-2025-37903, CVE-2025-37905, CVE-2025-37909, CVE-2025-37911, CVE-2025-37912, CVE-2025-37913, CVE-2025-37914, CVE-2025-37915, CVE-2025-37917, CVE-2025-37918, CVE-2025-37921, CVE-2025-37923, CVE-2025-37925, CVE-2025-37927, CVE-2025-37928, CVE-2025-37929, CVE-2025-37930, CVE-2025-37931, CVE-2025-37932, CVE-2025-37933, CVE-2025-37936, CVE-2025-37937, CVE-2025-37938, CVE-2025-37943, CVE-2025-37944, CVE-2025-37945, CVE-2025-37946, CVE-2025-37948, CVE-2025-37949, CVE-2025-37951, CVE-2025-37953, CVE-2025-37954, CVE-2025-37957, CVE-2025-37958, CVE-2025-37959, CVE-2025-37960, CVE-2025-37961, CVE-2025-37963, CVE-2025-37967, CVE-2025-37968, CVE-2025-37969, CVE-2025-37970, CVE-2025-37972, CVE-2025-37973, CVE-2025-37974, CVE-2025-37978, CVE-2025-37979, CVE-2025-37980, CVE-2025-37982, CVE-2025-37983, CVE-2025-37985, CVE-2025-37986, CVE-2025-37987, CVE-2025-37989, CVE-2025-37990, CVE-2025-37992, CVE-2025-37994, CVE-2025-37995, CVE-2025-37997, CVE-2025-37998, CVE-2025-38000, CVE-2025-38001, CVE-2025-38003, CVE-2025-38004, CVE-2025-38005, CVE-2025-38007, CVE-2025-38009, CVE-2025-38010, CVE-2025-38011, CVE-2025-38013, CVE-2025-38014, CVE-2025-38015, CVE-2025-38018, CVE-2025-38020, CVE-2025-38022, CVE-2025-38023, CVE-2025-38024, CVE-2025-38027, CVE-2025-38031, CVE-2025-38040, CVE-2025-38043, CVE-2025-38044, CVE-2025-38045, CVE-2025-38053, CVE-2025-38057, CVE-2025-38059, CVE-2025-38060, CVE-2025-38065, CVE-2025-38068, CVE-2025-38072, CVE-2025-38077, CVE-2025-38078, CVE-2025-38079, CVE-2025-38080, CVE-2025-38081, CVE-2025-38083, CVE-2025-38104, CVE-2025-38119, CVE-2025-38152, CVE-2025-38234, CVE-2025-38240, CVE-2025-38255, CVE-2025-38263, CVE-2025-38351, CVE-2025-38402, CVE-2025-38408, CVE-2025-38418, CVE-2025-38419, CVE-2025-38456, CVE-2025-38465, CVE-2025-38466, CVE-2025-38488, CVE-2025-38514, CVE-2025-38526, CVE-2025-38527, CVE-2025-38533, CVE-2025-38544, CVE-2025-38556, CVE-2025-38574, CVE-2025-38584, CVE-2025-38590, CVE-2025-38593, CVE-2025-38595, CVE-2025-38597, CVE-2025-38605, CVE-2025-38614, CVE-2025-38616, CVE-2025-38622, CVE-2025-38623, CVE-2025-38637, CVE-2025-38639, CVE-2025-38640, CVE-2025-38643, CVE-2025-38645, CVE-2025-38659, CVE-2025-38660, CVE-2025-38664, CVE-2025-38668, CVE-2025-38676, CVE-2025-38678, CVE-2025-38679, CVE-2025-38680, CVE-2025-38681, CVE-2025-38683, CVE-2025-38684, CVE-2025-38685, CVE-2025-38687, CVE-2025-38691, CVE-2025-38692, CVE-2025-38693, CVE-2025-38694, CVE-2025-38695, CVE-2025-38697, CVE-2025-38698, CVE-2025-38701, CVE-2025-38702, CVE-2025-38705, CVE-2025-38706, CVE-2025-38709, CVE-2025-38712, CVE-2025-38713, CVE-2025-38714, CVE-2025-38715, CVE-2025-38721, CVE-2025-38722, CVE-2025-38724, CVE-2025-38725, CVE-2025-38727, CVE-2025-38729, CVE-2025-38730, CVE-2025-38732, CVE-2025-38734, CVE-2025-38735, CVE-2025-38736, CVE-2025-39675, CVE-2025-39677, CVE-2025-39678, CVE-2025-39679, CVE-2025-39681, CVE-2025-39682, CVE-2025-39684, CVE-2025-39685, CVE-2025-39686, CVE-2025-39691, CVE-2025-39693, CVE-2025-39694, CVE-2025-39701, CVE-2025-39703, CVE-2025-39705, CVE-2025-39706, CVE-2025-39709, CVE-2025-39710, CVE-2025-39713, CVE-2025-39714, CVE-2025-39718, CVE-2025-39719, CVE-2025-39721, CVE-2025-39724, CVE-2025-39726, CVE-2025-39730, CVE-2025-39732, CVE-2025-39735, CVE-2025-39738, CVE-2025-39739, CVE-2025-39742, CVE-2025-39743, CVE-2025-39744, CVE-2025-39746, CVE-2025-39749, CVE-2025-39750, CVE-2025-39754, CVE-2025-39757, CVE-2025-39758, CVE-2025-39759, CVE-2025-39760, CVE-2025-39761, CVE-2025-39763, CVE-2025-39764, CVE-2025-39766, CVE-2025-39770, CVE-2025-39772, CVE-2025-39773, CVE-2025-39782, CVE-2025-39783, CVE-2025-39787, CVE-2025-39790, CVE-2025-39797, CVE-2025-39798, CVE-2025-39800, CVE-2025-39801, CVE-2025-39806, CVE-2025-39808, CVE-2025-39810, CVE-2025-39823, CVE-2025-39824, CVE-2025-39825, CVE-2025-39826, CVE-2025-39827, CVE-2025-39832, CVE-2025-39833, CVE-2025-39835, CVE-2025-39838, CVE-2025-39839, CVE-2025-39842, CVE-2025-39844, CVE-2025-39845, CVE-2025-39846, CVE-2025-39847, CVE-2025-39848, CVE-2025-39849, CVE-2025-39850, CVE-2025-39853, CVE-2025-39854, CVE-2025-39857, CVE-2025-39860, CVE-2025-39861, CVE-2025-39863, CVE-2025-39864, CVE-2025-39865, CVE-2025-39869, CVE-2025-39870, CVE-2025-39871, CVE-2025-39873, CVE-2025-39882, CVE-2025-39885, CVE-2025-39889, CVE-2025-39891, CVE-2025-39907, CVE-2025-39920, CVE-2025-39923, CVE-2025-39925, CVE-2025-40014, CVE-2025-40300, CVE-2025-40325 | https://nvd.nist.gov/vuln/search |
| libavahi | CVE-2024-52615 | https://nvd.nist.gov/vuln/search |
| libcairo2 | CVE-2025-50422 | https://nvd.nist.gov/vuln/search |
| libgcrypt20 | CVE-2024-2236 | https://nvd.nist.gov/vuln/search |
| libgnutls30 | CVE-2025-6395, CVE-2025-32988, CVE-2025-32989, CVE-2025-32990 | https://nvd.nist.gov/vuln/search |
| libicu-suse65 | CVE-2025-5222 | https://nvd.nist.gov/vuln/search |
| libopenssl | CVE-2025-9230, CVE-2025-27587 | https://nvd.nist.gov/vuln/search |
| libpq5 | CVE-2025-8713, CVE-2025-8714, CVE-2025-8715 | https://nvd.nist.gov/vuln/search |
| libpython3 | CVE-2024-12718, CVE-2025-4138, CVE-2025-4330, CVE-2025-4435, CVE-2025-4516, CVE-2025-4517, CVE-2025-6069, CVE-2025-8194 | https://nvd.nist.gov/vuln/search |
| libruby | CVE-2024-35221, CVE-2025-6442, CVE-2025-27221 | https://nvd.nist.gov/vuln/search |
| libsqlite | CVE-2025-3277, CVE-2025-6965 | https://nvd.nist.gov/vuln/search |
| libssh | CVE-2025-4877, CVE-2025-4878, CVE-2025-5318, CVE-2025-5372, CVE-2025-8114, CVE-2025-8277 | https://nvd.nist.gov/vuln/search |
| libsystemd | CVE-2025-4598 | https://nvd.nist.gov/vuln/search |
| libvmtools | CVE-2025-41244 | https://nvd.nist.gov/vuln/search |
| libxml2 | CVE-2025-6021, CVE-2025-6170, CVE-2025-7425, CVE-2025-49794, CVE-2025-49795, CVE-2025-49796 | https://nvd.nist.gov/vuln/search |
| net-tools | CVE-2025-46836 | https://nvd.nist.gov/vuln/search |
| netty | CVE-2025-55163, CVE-2025-58056, CVE-2025-58057 | https://nvd.nist.gov/vuln/search |
| pam | CVE-2025-6018 | https://nvd.nist.gov/vuln/search |
| per | CVE-2025-40909 | https://nvd.nist.gov/vuln/search |
| spring-security | CVE-2024-38827, CVE-2025-22234, CVE-2025-41242, CVE-2025-41249, CVE-2025-41234 | https://nvd.nist.gov/vuln/search |
| sudo | CVE-2025-32462, CVE-2025-32463 | https://nvd.nist.gov/vuln/search |
| tomcat | CVE-2025-46701, CVE-2025-48988, CVE-2025-48989, CVE-2025-52520, CVE-2025-53506 | https://nvd.nist.gov/vuln/search |
| vim | CVE-2024-41965, CVE-2025-29768, CVE-2025-53905, CVE-2025-53906, CVE-2025-55157, CVE-2025-55158 | https://nvd.nist.gov/vuln/search |
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
| CVE-2025-46696 | Dell Secure Connect Gateway (SCG) 5.0 Appliance and Application, version(s) versions 5.26 to 5.30, contain(s) an Execution with Unnecessary Privileges vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges. | 6.4 | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H |
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
| CVE-2025-46696 | Dell Secure Connect Gateway (SCG) 5.0 Appliance and Application, version(s) versions 5.26 to 5.30, contain(s) an Execution with Unnecessary Privileges vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges. | 6.4 | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H |
Dotčené produkty a náprava
| Product | Affected Version | Updated Version | Link |
| Dell Secure Connect Gateway - Appliance | Versions prior to 5.32.00.20 | Version 5.32.00.20 or later | https://www.dell.com/support/product-details/product/secure-connect-gateway-ve/drivers |
| Dell Secure Connect Gateway - Application | Versions 5.26.00 through 5.30.00 | Version 5.32.00 or later | https://www.dell.com/support/home/product-support/product/secure-connect-gateway-app-edition/drivers |
| Product | Affected Version | Updated Version | Link |
| Dell Secure Connect Gateway - Appliance | Versions prior to 5.32.00.20 | Version 5.32.00.20 or later | https://www.dell.com/support/product-details/product/secure-connect-gateway-ve/drivers |
| Dell Secure Connect Gateway - Application | Versions 5.26.00 through 5.30.00 | Version 5.32.00 or later | https://www.dell.com/support/home/product-support/product/secure-connect-gateway-app-edition/drivers |
Historie změn
| Revision | Date | Description |
| 1.0 | 2025-11-04 | Initial Release |
| 2.0 | 2025-11-12 | Added CVE-2024-39929 to the remediated table and updated the remediated version |
| 3.0 | 2025-12-16 | Updated the Affected Product and Remediation table. New patch 5.30.00.20 has been released for Secure Connect Gateway that addresses vulnerabilities of the Python library |
| 4.0 | 2025-12-18 | Added CVE-2025-46696 to the remediated table |
Přijetí
CVE-2025-46696: Dell would like to thank Ahmed Y. Elmogy for reporting this issue.
Související informace
Právní upozornění
Dotčené produkty
Secure Connect Gateway, Secure Connect Gateway - Application Edition, Secure Connect Gateway - Virtual EditionVlastnosti článku
Číslo článku: 000385230
Typ článku: Dell Security Advisory
Poslední úprava: 18 pro 2025
Najděte odpovědi na své otázky od ostatních uživatelů společnosti Dell
Služby podpory
Zkontrolujte, zda se na vaše zařízení vztahují služby podpory.