DSA-2025-386: Security Update for Dell Secure Connect Gateway REST API
Summary: Dell Secure Connect Gateway Application and Appliance remediation is available for security vulnerability that can be exploited by a malicious user with a valid session to allow relative path traversal to restricted resources. ...
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Impact
Medium
Details
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
| CVE-2025-46363 | Dell Secure Connect Gateway (SCG) 5.0 Application and Appliance version(s) 5.26.00.00 - 5.30.00.00, contain a Relative Path Traversal vulnerability in the SCG exposed for an internal collection download REST API (if this REST API is enabled by Admin user from UI). A low privileged attacker with remote access could potentially exploit this vulnerability, leading to allowing relative path traversal to restricted resources. | 4.3 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
| CVE-2025-46363 | Dell Secure Connect Gateway (SCG) 5.0 Application and Appliance version(s) 5.26.00.00 - 5.30.00.00, contain a Relative Path Traversal vulnerability in the SCG exposed for an internal collection download REST API (if this REST API is enabled by Admin user from UI). A low privileged attacker with remote access could potentially exploit this vulnerability, leading to allowing relative path traversal to restricted resources. | 4.3 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
Affected Products & Remediation
| Product | Affected Versions | Remediated Versions | Link |
| Secure Connect Gateway-Application | Versions 5.26.00 through 5.30.00 | Version 5.32.00 or later | https://www.dell.com/support/home/product-support/product/secure-connect-gateway-app-edition/drivers |
| Secure Connect Gateway-Appliance | Versions 5.26.00 through 5.30.00 | Version 5.32.00 or later | https://www.dell.com/support/home/product-support/product/secure-connect-gateway-ve/drivers |
| Product | Affected Versions | Remediated Versions | Link |
| Secure Connect Gateway-Application | Versions 5.26.00 through 5.30.00 | Version 5.32.00 or later | https://www.dell.com/support/home/product-support/product/secure-connect-gateway-app-edition/drivers |
| Secure Connect Gateway-Appliance | Versions 5.26.00 through 5.30.00 | Version 5.32.00 or later | https://www.dell.com/support/home/product-support/product/secure-connect-gateway-ve/drivers |
Revision History
| Revision | Date | Description |
| 1.0 | 2025-10-29 | Initial Release |
Acknowledgements
CVE-2025-46363: Dell would like to thank Ahmed Y. Elmogy for reporting this issue.
Related Information
Legal Disclaimer
Affected Products
Secure Connect Gateway, Secure Connect Gateway - Application Edition, Secure Connect Gateway - Virtual EditionArticle Properties
Article Number: 000385239
Article Type: Dell Security Advisory
Last Modified: 29 Oct 2025
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.