Описание
Dell Secure Connect Gateway 5.20 contains an improper authentication vulnerability during the SRS to SCG update path. A remote low privileged attacker could potentially exploit this vulnerability, leading to impersonation of the server through presenting a fake self-signed certificate and communicating with the remote server.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:dell:secure_connect_gateway:5.20.00.10:*:*:*:*:*:*:*
EPSS
Процентиль: 75%
0.00873
Низкий
7.1 High
CVSS3
8.8 High
CVSS3
Дефекты
CWE-290
Связанные уязвимости
CVSS3: 7.1
github
почти 2 года назад
Dell Secure Connect Gateway 5.20 contains an improper authentication vulnerability during the SRS to SCG update path. A remote low privileged attacker could potentially exploit this vulnerability, leading to impersonation of the server through presenting a fake self-signed certificate and communicating with the remote server.
EPSS
Процентиль: 75%
0.00873
Низкий
7.1 High
CVSS3
8.8 High
CVSS3
Дефекты
CWE-290