Vulnerability Details CVE-2024-51539
The Dell Secure Connect Gateway (SCG) Application and Appliance, versions prior to 5.28, contains a SQL injection vulnerability due to improper neutralization of special elements used in an SQL command. This vulnerability can only be exploited locally on the affected system. A high-privilege attacker with access to the system could potentially exploit this vulnerability, leading to the disclosure of non-sensitive information that does not include any customer data.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 30.3%
CVSS Severity
CVSS v3 Score 2.3
Products affected by CVE-2024-51539
-
cpe:2.3:a:dell:secure_connect_gateway:5.10.00.00
-
cpe:2.3:a:dell:secure_connect_gateway:5.12.00.00
-
cpe:2.3:a:dell:secure_connect_gateway:5.14.00.00
-
cpe:2.3:a:dell:secure_connect_gateway:5.14.00.16
-
cpe:2.3:a:dell:secure_connect_gateway:5.16.00.00
-
cpe:2.3:a:dell:secure_connect_gateway:5.18.00.00
-
cpe:2.3:a:dell:secure_connect_gateway:5.18.00.20
-
cpe:2.3:a:dell:secure_connect_gateway:5.20.00.00
-
cpe:2.3:a:dell:secure_connect_gateway:5.22.00.00
-
cpe:2.3:a:dell:secure_connect_gateway:5.24.00.00
-
cpe:2.3:a:dell:secure_connect_gateway:5.24.00.14
-
cpe:2.3:a:dell:secure_connect_gateway:5.26.00.00