exploitDog

CVE-2024-47240

Опубликовано: 18 окт. 2024

Источник: nvd

CVSS3: 5.5

CVSS3: 6.3

EPSS Низкий

Описание

Dell Secure Connect Gateway (SCG) 5.24 contains an Incorrect Default Permissions vulnerability. A local attacker with low privileges can access the file system and could potentially exploit this vulnerability to gain write access to unauthorized data and cause a version update failure condition.

Ссылки

https://www.dell.com/support/kbdoc/en-us/000237211/dsa-2024-407-dell-secure-connect-gateway-security-update-for-multiple-third-party-component-vulnerabilities
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:dell:secure_connect_gateway:5.24.00.14:*:*:*:*:*:*:*

EPSS

Процентиль: 24%

0.00079

Низкий

5.5 Medium

CVSS3

6.3 Medium

CVSS3

Дефекты

CWE-276

Связанные уязвимости

GHSA-h63p-hhc7-jcp7

CVSS3: 5.5

github

больше 1 года назад

Dell Secure Connect Gateway (SCG) 5.24 contains an Incorrect Default Permissions vulnerability. A local attacker with low privileges can access the file system and could potentially exploit this vulnerability to gain write access to unauthorized data and cause a version update failure condition.

EPSS

Процентиль: 24%

0.00079

Низкий

5.5 Medium

CVSS3

6.3 Medium

CVSS3

Дефекты

CWE-276