Описание
The Dell Secure Connect Gateway (SCG) Application and Appliance, versions prior to 5.28, contains a SQL injection vulnerability due to improper neutralization of special elements used in an SQL command. This vulnerability can only be exploited locally on the affected system. A high-privilege attacker with access to the system could potentially exploit this vulnerability, leading to the disclosure of non-sensitive information that does not include any customer data.
Уязвимые конфигурации
EPSS
2.3 Low
CVSS3
Дефекты
Связанные уязвимости
The Dell Secure Connect Gateway (SCG) Application and Appliance, versions prior to 5.28, contains a SQL injection vulnerability due to improper neutralization of special elements used in an SQL command. This vulnerability can only be exploited locally on the affected system. A high-privilege attacker with access to the system could potentially exploit this vulnerability, leading to the disclosure of non-sensitive information that does not include any customer data.
Уязвимость программного обеспечения для удаленной ИТ-поддержки и мониторинга Dell Secure Connect Gateway (SCG), связанная с непринятием мер по защите структуры SQL-запроса, позволяющая нарушителю раскрыть защищаемую информацию
EPSS
2.3 Low
CVSS3