admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-480xx/CVE-2024-48016.json
cad-safe-bot edd5f6f902 Auto-Update: 2024-10-21T18:00:21.462185+00:00
2024-10-21 18:03:24 +00:00

60 lines
2.3 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-48016",
"sourceIdentifier": "security_alert@emc.com",
"published": "2024-10-18T17:15:13.380",
"lastModified": "2024-10-21T17:10:22.857",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.24, contains a Use of a Broken or Risky Cryptographic Algorithm vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to information disclosure. The attacker may be able to use exposed credentials to access the system with privileges of the compromised account."
},
{
"lang": "es",
"value": "Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, versi\u00f3n(es) 5.24, contiene una vulnerabilidad de uso de un algoritmo criptogr\u00e1fico da\u00f1ado o riesgoso. Un atacante con pocos privilegios y acceso remoto podr\u00eda aprovechar esta vulnerabilidad, lo que provocar\u00eda la divulgaci\u00f3n de informaci\u00f3n. El atacante podr\u00eda usar credenciales expuestas para acceder al sistema con privilegios de la cuenta comprometida."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security_alert@emc.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "security_alert@emc.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-327"
}
]
}
],
"references": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000237211/dsa-2024-407-dell-secure-connect-gateway-security-update-for-multiple-third-party-component-vulnerabilities",
"source": "security_alert@emc.com"
}
]
}
Reference in New Issue View Git Blame Copy Permalink