Skip to main content

Secure Connect Gateway

19 CVEs product

Monthly

CVE-2025-46696 MEDIUM This Month

Dell Secure Connect Gateway (SCG) 5.0 Appliance and Application, version(s) versions 5.26 to 5.30, contain(s) an Execution with Unnecessary Privileges vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges. [CVSS 6.4 MEDIUM]

Privilege Escalation Dell Secure Connect Gateway
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2025-26475 MEDIUM PATCH This Month

Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.26, Enables Live-Restore setting which enhances security by keeping containers running during daemon restarts, reducing attack. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Dell Authentication Bypass Secure Connect Gateway
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2025-23382 MEDIUM This Month

Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.26, contain(s) an Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable. No vendor patch available.

Dell Information Disclosure Secure Connect Gateway
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2024-51539 LOW Monitor

The Dell Secure Connect Gateway (SCG) Application and Appliance, versions prior to 5.28, contains a SQL injection vulnerability due to improper neutralization of special elements used in an SQL. Rated low severity (CVSS 2.3), this vulnerability is low attack complexity. No vendor patch available.

Dell SQLi Secure Connect Gateway
NVD
CVSS 3.1
2.3
EPSS
0.1%
CVE-2024-48016 HIGH This Week

Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.24, contains a Use of a Broken or Risky Cryptographic Algorithm vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Dell Secure Connect Gateway
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2024-47241 HIGH This Week

Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.24, contains an Improper Certificate Validation vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Dell Secure Connect Gateway
NVD
CVSS 3.1
8.1
EPSS
0.2%
CVE-2024-47240 MEDIUM This Month

Dell Secure Connect Gateway (SCG) 5.24 contains an Incorrect Default Permissions vulnerability. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Dell Secure Connect Gateway
NVD
CVSS 3.1
6.3
EPSS
0.2%
CVE-2024-29169 HIGH This Week

Dell SCG, versions prior to 5.22.00.00, contain a SQL Injection Vulnerability in the SCG UI for an internal audit REST API. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass SQLi Dell Secure Connect Gateway
NVD
CVSS 3.1
8.1
EPSS
0.4%
CVE-2024-29168 HIGH This Week

Dell SCG, versions prior to 5.22.00.00, contain a SQL Injection Vulnerability in the SCG UI for an internal assets REST API. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass SQLi Dell Secure Connect Gateway
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2024-28969 MEDIUM This Month

Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for an internal update REST API (if enabled by Admin user from UI). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Dell Secure Connect Gateway
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-28968 MEDIUM This Month

Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for internal email and collection settings REST APIs (if enabled by Admin user from UI). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Dell Secure Connect Gateway
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2024-28967 MEDIUM This Month

Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for an internal maintenance REST API (if enabled by Admin user from UI). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Dell Secure Connect Gateway
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2024-28966 MEDIUM This Month

Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for an internal update REST API (if enabled by Admin user from UI). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Dell Secure Connect Gateway
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2024-28965 MEDIUM This Month

Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for an internal enable REST API (if enabled by Admin user from UI). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Dell Secure Connect Gateway
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2024-22458 MEDIUM PATCH This Month

Dell Secure Connect Gateway, 5.18, contains an Inadequate Encryption Strength Vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Dell Secure Connect Gateway
NVD
CVSS 3.1
5.3
EPSS
0.1%
CVE-2024-22457 HIGH PATCH This Week

Dell Secure Connect Gateway 5.20 contains an improper authentication vulnerability during the SRS to SCG update path. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Dell Secure Connect Gateway
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2023-28043 MEDIUM This Month

Dell SCG 5.14 contains an information disclosure vulnerability during the SRS to SCG upgrade path. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Dell Secure Connect Gateway
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2023-23695 MEDIUM This Month

Dell Secure Connect Gateway (SCG) version 5.14.00.12 contains a broken cryptographic algorithm vulnerability. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Dell Secure Connect Gateway
NVD
CVSS 3.1
5.9
EPSS
0.4%
CVE-2021-36340 MEDIUM This Month

Dell EMC SCG 5.00.00.10 and earlier, contain a sensitive information disclosure vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Dell Information Disclosure Secure Connect Gateway
NVD
CVSS 3.1
5.5
EPSS
0.2%
EPSS 0% CVSS 6.4
MEDIUM This Month

Dell Secure Connect Gateway (SCG) 5.0 Appliance and Application, version(s) versions 5.26 to 5.30, contain(s) an Execution with Unnecessary Privileges vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges. [CVSS 6.4 MEDIUM]

Privilege Escalation Dell Secure Connect Gateway
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.26, Enables Live-Restore setting which enhances security by keeping containers running during daemon restarts, reducing attack. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Dell Authentication Bypass Secure Connect Gateway
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.26, contain(s) an Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable. No vendor patch available.

Dell Information Disclosure Secure Connect Gateway
NVD
EPSS 0% CVSS 2.3
LOW Monitor

The Dell Secure Connect Gateway (SCG) Application and Appliance, versions prior to 5.28, contains a SQL injection vulnerability due to improper neutralization of special elements used in an SQL. Rated low severity (CVSS 2.3), this vulnerability is low attack complexity. No vendor patch available.

Dell SQLi Secure Connect Gateway
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.24, contains a Use of a Broken or Risky Cryptographic Algorithm vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Dell Secure Connect Gateway
NVD
EPSS 0% CVSS 8.1
HIGH This Week

Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.24, contains an Improper Certificate Validation vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Dell Secure Connect Gateway
NVD
EPSS 0% CVSS 6.3
MEDIUM This Month

Dell Secure Connect Gateway (SCG) 5.24 contains an Incorrect Default Permissions vulnerability. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Dell Secure Connect Gateway
NVD
EPSS 0% CVSS 8.1
HIGH This Week

Dell SCG, versions prior to 5.22.00.00, contain a SQL Injection Vulnerability in the SCG UI for an internal audit REST API. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass SQLi Dell +1
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Dell SCG, versions prior to 5.22.00.00, contain a SQL Injection Vulnerability in the SCG UI for an internal assets REST API. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass SQLi Dell +1
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for an internal update REST API (if enabled by Admin user from UI). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Dell Secure Connect Gateway
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for internal email and collection settings REST APIs (if enabled by Admin user from UI). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Dell Secure Connect Gateway
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for an internal maintenance REST API (if enabled by Admin user from UI). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Dell Secure Connect Gateway
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for an internal update REST API (if enabled by Admin user from UI). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Dell Secure Connect Gateway
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for an internal enable REST API (if enabled by Admin user from UI). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Dell Secure Connect Gateway
NVD
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Dell Secure Connect Gateway, 5.18, contains an Inadequate Encryption Strength Vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Dell Secure Connect Gateway
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Dell Secure Connect Gateway 5.20 contains an improper authentication vulnerability during the SRS to SCG update path. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Dell Secure Connect Gateway
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Dell SCG 5.14 contains an information disclosure vulnerability during the SRS to SCG upgrade path. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Dell Secure Connect Gateway
NVD
EPSS 0% CVSS 5.9
MEDIUM This Month

Dell Secure Connect Gateway (SCG) version 5.14.00.12 contains a broken cryptographic algorithm vulnerability. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Dell Secure Connect Gateway
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Dell EMC SCG 5.00.00.10 and earlier, contain a sensitive information disclosure vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Dell Information Disclosure Secure Connect Gateway
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy