DSA-2025-104: Dell Secure Connect Gateway Security Update for Multiple Vulnerabilities
Samenvatting: Dell Secure Connect Gateway contains remediation for multiple vulnerabilities that could be exploited by malicious users to compromise the affected system.
Dit artikel is van toepassing op
Dit artikel is niet van toepassing op
Dit artikel is niet gebonden aan een specifiek product.
Niet alle productversies worden in dit artikel vermeld.
Impact
Critical
Gegevens
|
Third-Party Component |
CVEs | More information |
| Commons-net | CVE-2021-37533 | https://nvd.nist.gov/vuln/search |
| Glibc | CVE-2025-0395 | https://nvd.nist.gov/vuln/search |
| Grub2 | CVE-2025-0622, CVE-2025-0624, CVE-2025-0677, CVE-2025-0678, CVE-2025-0684, CVE-2025-0685, CVE-2025-0686, CVE-2025-0689, CVE-2025-0690, CVE-2025-1118, CVE-2025-1125 | https://nvd.nist.gov/vuln/search |
| HttpClient | CVE-2020-13956 | https://nvd.nist.gov/vuln/search |
| Kernel |
CVE-2021-47163, CVE-2021-47416, CVE-2021-47612, CVE-2022-48788, CVE-2022-48789, CVE-2022-48790, CVE-2022-48809, CVE-2022-48946, CVE-2022-48949, CVE-2022-48951, CVE-2022-48956, CVE-2022-48958, CVE-2022-48960, CVE-2022-48962, CVE-2022-48966, CVE-2022-48967, CVE-2022-48969, CVE-2022-48971, CVE-2022-48972, CVE-2022-48973, CVE-2024-11187, CVE-2024-12085, CVE-2024-12086, CVE-2024-12087, CVE-2024-12088, CVE-2024-12133, CVE-2024-12747, CVE-2024-26644, CVE-2024-26801, CVE-2024-26804, CVE-2024-26852, CVE-2024-26976, CVE-2024-27043, CVE-2024-35847, CVE-2024-36484, CVE-2024-36883, CVE-2024-38538, CVE-2024-38589, CVE-2024-39476, CVE-2024-40965, CVE-2024-41013, CVE-2024-41082, CVE-2024-42114, CVE-2024-42131, CVE-2024-42253, CVE-2024-43374, CVE-2024-44931, CVE-2024-44958, CVE-2024-45774, CVE-2024-45775, CVE-2024-45776, CVE-2024-45777, CVE-2024-45778, CVE-2024-45779, CVE-2024-45780, CVE-2024-45781, CVE-2024-45782, CVE-2024-45783, CVE-2024-46724, CVE-2024-46755, CVE-2024-46802, CVE-2024-46809, CVE-2024-46813, CVE-2024-46816, CVE-2024-46818, CVE-2024-46826, CVE-2024-46834, CVE-2024-46840, CVE-2024-46841, CVE-2024-46848, CVE-2024-47141, CVE-2024-47220, CVE-2024-47666, CVE-2024-47670, CVE-2024-47672, CVE-2024-47673, CVE-2024-47674, CVE-2024-47678, CVE-2024-47679, CVE-2024-47684, CVE-2024-47685, CVE-2024-47696, CVE-2024-47697, CVE-2024-47698, CVE-2024-47706, CVE-2024-47707, CVE-2024-47709, CVE-2024-47713, CVE-2024-47735, CVE-2024-47737, CVE-2024-47742, CVE-2024-47745, CVE-2024-47749, CVE-2024-47809, CVE-2024-47814, CVE-2024-48881, CVE-2024-49851, CVE-2024-49860, CVE-2024-49877, CVE-2024-49881, CVE-2024-49882, CVE-2024-49883, CVE-2024-49884, CVE-2024-49890, CVE-2024-49891, CVE-2024-49894, CVE-2024-49896, CVE-2024-49901, CVE-2024-49920, CVE-2024-49929, CVE-2024-49936, CVE-2024-49944, CVE-2024-49948, CVE-2024-49949, CVE-2024-49957, CVE-2024-49958, CVE-2024-49959, CVE-2024-49962, CVE-2024-49965, CVE-2024-49966, CVE-2024-49967, CVE-2024-49982, CVE-2024-49991, CVE-2024-49995, CVE-2024-49996, CVE-2024-50006, CVE-2024-50007, CVE-2024-50024, CVE-2024-50033, CVE-2024-50035, CVE-2024-50039, CVE-2024-50045, CVE-2024-50047, CVE-2024-50058, CVE-2024-50099, CVE-2024-50142, CVE-2024-50143, CVE-2024-50151, CVE-2024-50166, CVE-2024-50179, CVE-2024-50194, CVE-2024-50199, CVE-2024-50210, CVE-2024-50211, CVE-2024-50228, CVE-2024-50256, CVE-2024-50262, CVE-2024-50280, CVE-2024-50287, CVE-2024-50299, CVE-2024-52332, CVE-2024-52533, CVE-2024-53057, CVE-2024-53101, CVE-2024-53112, CVE-2024-53136, CVE-2024-53141, CVE-2024-53142, CVE-2024-53144, CVE-2024-53146, CVE-2024-53150, CVE-2024-53155, CVE-2024-53156, CVE-2024-53157, CVE-2024-53172, CVE-2024-53173, CVE-2024-53179, CVE-2024-53185, CVE-2024-53197, CVE-2024-53198, CVE-2024-53210, CVE-2024-53214, CVE-2024-53224, CVE-2024-53227, CVE-2024-53239, CVE-2024-53240, CVE-2024-55916, CVE-2024-56369, CVE-2024-56531, CVE-2024-56532, CVE-2024-56533, CVE-2024-56539, CVE-2024-56548, CVE-2024-56551, CVE-2024-56569, CVE-2024-56570, CVE-2024-56574, CVE-2024-56587, CVE-2024-56593, CVE-2024-56594, CVE-2024-56599, CVE-2024-5660, CVE-2024-56600, CVE-2024-56601, CVE-2024-56603, CVE-2024-56604, CVE-2024-56605, CVE-2024-56606, CVE-2024-56615, CVE-2024-56616,, CVE-2024-56623, CVE-2024-56630, CVE-2024-56631, CVE-2024-56637, CVE-2024-56641, CVE-2024-56642, CVE-2024-56643, CVE-2024-56650, CVE-2024-56661, CVE-2024-56662, CVE-2024-56664, CVE-2024-56681, CVE-2024-56700, CVE-2024-56704, CVE-2024-56722, CVE-2024-56724, CVE-2024-56737, CVE-2024-56739, CVE-2024-56747, CVE-2024-56748, CVE-2024-56756, CVE-2024-56759, CVE-2024-56763, CVE-2024-56769, CVE-2024-57791, CVE-2024-57849, CVE-2024-57884, CVE-2024-57887, CVE-2024-57888, CVE-2024-57890, CVE-2024-57892, CVE-2024-57893, CVE-2024-57896, CVE-2024-57899, CVE-2024-57903, CVE-2024-57922, CVE-2024-57929, CVE-2024-57931, CVE-2024-57932, CVE-2024-57938, CVE-2024-8805, CVE-2024-9681 CVE-2024-26886, CVE-2024-27051, CVE-2024-35937, CVE-2024-36886, CVE-2024-36905, CVE-2024-42098, CVE-2024-42229, CVE-2024-44995, CVE-2024-45016, CVE-2024-46771, CVE-2024-46777, CVE-2024-46800, CVE-2024-47660, CVE-2024-47701, CVE-2024-49858, CVE-2024-49868, CVE-2024-49921, CVE-2024-49925, CVE-2024-49938, CVE-2024-49945, CVE-2024-49950, CVE-2024-49952, CVE-2024-50044, CVE-2024-50055, CVE-2024-50073, CVE-2024-50074, CVE-2024-50095, CVE-2024-50115, CVE-2024-50117, CVE-2024-50125, CVE-2024-50135, CVE-2024-50148, CVE-2024-50150, CVE-2024-50154, CVE-2024-50167, CVE-2024-50171, CVE-2024-50183, CVE-2024-50187, CVE-2024-50195, CVE-2024-50218, CVE-2024-50234, CVE-2024-50236, CVE-2024-50237, CVE-2024-50264, CVE-2024-50265, CVE-2024-50267, CVE-2024-50273, CVE-2024-50278, CVE-2024-50279, CVE-2024-50289, CVE-2024-50290, CVE-2024-50296, CVE-2024-50301, CVE-2024-50302, CVE-2024-53058, CVE-2024-53061, CVE-2024-53063, CVE-2024-53066, CVE-2024-53085, CVE-2024-53088, CVE-2024-53104, CVE-2024-53114 CVE-2025-21653, CVE-2025-21664, CVE-2025-21678, CVE-2025-21682 |
https://nvd.nist.gov/vuln/search |
|
Libcurl |
CVE-2023-38545, CVE-2025-0167, CVE-2025-0725 |
https://nvd.nist.gov/vuln/search |
| Logback-classic |
CVE-2024-12798 |
https://nvd.nist.gov/vuln/search |
| Logback-core |
CVE-2024-12798 |
https://nvd.nist.gov/vuln/search |
| Netty |
CVE-2024-29025, CVE-2024-47535, CVE-2025-24970 |
https://nvd.nist.gov/vuln/search |
| OpenSSH |
CVE-2025-26465 |
https://nvd.nist.gov/vuln/search |
| OpenSSL |
CVE-2021-3712, CVE-2022-0778, CVE-2022-1292, CVE-2022-2068, CVE-2022-4304, CVE-2023-0286, CVE-2023-0215, CVE-2024-5535 |
https://nvd.nist.gov/vuln/search |
| spring-context |
CVE-2024-38820 |
https://nvd.nist.gov/vuln/search |
| spring-core |
CVE-2024-38820 |
https://nvd.nist.gov/vuln/search |
| spring-security-web |
CVE-2024-38821 |
https://nvd.nist.gov/vuln/search |
| spring-web |
CVE-2024-22262 |
https://nvd.nist.gov/vuln/search |
| Spring-webmvc |
CVE-2024-38819, CVE-2024-38820 |
https://nvd.nist.gov/vuln/search |
| Tomcat-embed-core |
CVE-2024-50379, CVE-2024-56337 |
https://nvd.nist.gov/vuln/search |
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
| CVE-2025-23382 | Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.26, contain(s) an Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure. |
4.7 | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L |
| CVE-2025-26475 | Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.26, Enables Live-Restore setting which enhances security by keeping containers running during daemon restarts, reducing attack exposure, preventing accidental misconfigurations, and ensuring security controls remain active. | 5.5 | CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L |
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
| CVE-2025-23382 | Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.26, contain(s) an Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure. |
4.7 | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L |
| CVE-2025-26475 | Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.26, Enables Live-Restore setting which enhances security by keeping containers running during daemon restarts, reducing attack exposure, preventing accidental misconfigurations, and ensuring security controls remain active. | 5.5 | CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L |
Getroffen producten en herstel
| Product | Affected Versions | Updated Version | Link to Update |
| Dell Secure Connect Gateway - Appliance | Versions prior to 5.28.00.14 | Version 5.28.00.14 or later | https://www.dell.com/support/product-details/product/secure-connect-gateway-ve/drivers |
| Product | Affected Versions | Updated Version | Link to Update |
| Dell Secure Connect Gateway - Appliance | Versions prior to 5.28.00.14 | Version 5.28.00.14 or later | https://www.dell.com/support/product-details/product/secure-connect-gateway-ve/drivers |
Revisiegeschiedenis
| Revision | Date | Description |
| 1.0 | 2025-03-04 | Initial Release |
| 2.0 | 2025-03-04 | Corrected the CVE score URL |
| 3.0 | 2025-03-19 | Updated the CVE description for CVE-2025-26475 |
| 4.0 | 2025-03-19 | Updated for enhanced presentation with no changes to the content |
| 5.0 | 2025-04-24 | Removed CVE-2024-13176 from the DSA |
| 6.0 | 2025-07-08 | Updated the category section |
| 7.0 | 2025-07-23 | Updated the category section |
Verwante informatie
Juridische verklaring van afstand
Getroffen producten
Secure Connect Gateway, Secure Connect Gateway - Application Edition, Secure Connect Gateway - Virtual EditionArtikeleigenschappen
Artikelnummer: 000291028
Artikeltype: Dell Security Advisory
Laatst aangepast: 23 jul. 2025
Vind antwoorden op uw vragen via andere Dell gebruikers
Support Services
Controleer of uw apparaat wordt gedekt door Support Services.