Medium
Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
---|---|---|---|
CVE-2023- 44293 | In Dell Secure Connect Gateway Application and Secure Connect Gateway Appliance (between v5.10.00.00 and v5.18.00.00), a security concern has been identified, where a malicious user with a valid User session may inject malicious content in filters of IP Range Rest API. This issue may potentially lead to unintentional information disclosure from the product database. |
5.4 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N |
CVE-2023- 44294 | In Dell Secure Connect Gateway Application and Secure Connect Gateway Appliance (between v5.10.00.00 and v5.18.00.00), a security concern has been identified, where a malicious user with a valid User session may inject malicious content in filters of Collection Rest API. This issue may potentially lead to unintentional information disclosure from the product database. |
5.4 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N |
Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
---|---|---|---|
CVE-2023- 44293 | In Dell Secure Connect Gateway Application and Secure Connect Gateway Appliance (between v5.10.00.00 and v5.18.00.00), a security concern has been identified, where a malicious user with a valid User session may inject malicious content in filters of IP Range Rest API. This issue may potentially lead to unintentional information disclosure from the product database. |
5.4 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N |
CVE-2023- 44294 | In Dell Secure Connect Gateway Application and Secure Connect Gateway Appliance (between v5.10.00.00 and v5.18.00.00), a security concern has been identified, where a malicious user with a valid User session may inject malicious content in filters of Collection Rest API. This issue may potentially lead to unintentional information disclosure from the product database. |
5.4 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N |
Product | Affected Versions | Remediated Versions | Link |
---|---|---|---|
Secure Connect Gateway-Application | Between v5.10.00.00 and v5.18.00.00 | 5.20.00 | Secure Connect Gateway | Application |
Secure Connect Gateway-Appliance | Between v5.10.00.00 and v5.18.00.00 | 5.20.00 | Secure Connect Gateway | Appliance |
Product | Affected Versions | Remediated Versions | Link |
---|---|---|---|
Secure Connect Gateway-Application | Between v5.10.00.00 and v5.18.00.00 | 5.20.00 | Secure Connect Gateway | Application |
Secure Connect Gateway-Appliance | Between v5.10.00.00 and v5.18.00.00 | 5.20.00 | Secure Connect Gateway | Appliance |
CVE ID | Workaround and Mitigation |
---|---|
CVE-2023- 44293 | Users need to keep the Secure Connect Gateway-Application and Secure Connect Gateway-Appliance updated to the latest version. |
CVE-2023- 44294 | Users need to keep the Secure Connect Gateway-Application and Secure Connect Gateway-Appliance updated to the latest version. |
Revision | Date | Description |
---|---|---|
1.0 | 2023-11-08 | Initial Release |