CVE-2024-48016

MEDIUM

Dell Secure Connect Gateway - Broken Cryptographic Algorithm

Title source: rule

Description

Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.24, contains a Use of a Broken or Risky Cryptographic Algorithm vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to information disclosure. The attacker may be able to use exposed credentials to access the system with privileges of the compromised account.

References (1)

[Vendor Advisory] https://www.dell.com/support/kbdoc/en-us/000237211/dsa-2024-407-dell-secure-connect-gateway-security-update-for-multiple-third-party-component-vulnerabilities

Scores

CVSS v3 4.6

EPSS 0.0014

EPSS Percentile 33.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-327

Status published

Products (1)

dell/secure_connect_gateway 5.24.00.14

Published Oct 18, 2024

Tracked Since Feb 18, 2026