Sign-up

ID

VAR-202406-2467


CVE

CVE-2024-29169


TITLE

Dell's  secure connect gateway  In  SQL  Injection vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2024-018095

DESCRIPTION

Dell SCG, versions prior to 5.22.00.00, contain a SQL Injection Vulnerability in the SCG UI for an internal audit REST API. A remote authenticated attacker could potentially exploit this vulnerability, leading to the execution of certain SQL commands on the application's backend database causing potential unauthorized access and modification of application data. Dell's secure connect gateway for, SQL There is an injection vulnerability.Information may be obtained and information may be tampered with

Trust: 1.62

sources: NVD: CVE-2024-29169 // JVNDB: JVNDB-2024-018095

AFFECTED PRODUCTS

vendor:dellmodel:secure connect gatewayscope:ltversion:5.24.00.14

Trust: 1.0

vendor:dellmodel:secure connect gatewayscope:gteversion:5.18.00.20

Trust: 1.0

vendor:デルmodel:secure connect gatewayscope: - version: -

Trust: 0.8

vendor:デルmodel:secure connect gatewayscope:eqversion:5.18.00.20 that's all 5.24.00.14

Trust: 0.8

vendor:デルmodel:secure connect gatewayscope:eqversion: -

Trust: 0.8

sources: JVNDB: JVNDB-2024-018095 // NVD: CVE-2024-29169

CVSS

SEVERITY

CVSSV2

CVSSV3

security_alert@emc.com: CVE-2024-29169
value: MEDIUM

Trust: 1.0

nvd@nist.gov: CVE-2024-29169
value: HIGH

Trust: 1.0

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2024-29169
value: HIGH

Trust: 1.0

NVD: CVE-2024-29169
value: HIGH

Trust: 0.8

security_alert@emc.com: CVE-2024-29169
baseSeverity: MEDIUM
baseScore: 5.4
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 2.5
version: 3.1

Trust: 1.0

nvd@nist.gov: CVE-2024-29169
baseSeverity: HIGH
baseScore: 8.1
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 5.2
version: 3.1

Trust: 1.0

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2024-29169
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2024-29169
baseSeverity: HIGH
baseScore: 8.1
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2024-018095 // NVD: CVE-2024-29169 // NVD: CVE-2024-29169 // NVD: CVE-2024-29169

PROBLEMTYPE DATA

problemtype:CWE-89

Trust: 1.0

problemtype:SQL injection (CWE-89) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2024-018095 // NVD: CVE-2024-29169

EXTERNAL IDS

db:NVDid:CVE-2024-29169

Trust: 2.6

db:JVNDBid:JVNDB-2024-018095

Trust: 0.8

sources: JVNDB: JVNDB-2024-018095 // NVD: CVE-2024-29169

REFERENCES

url:https://www.dell.com/support/kbdoc/en-us/000225910/dsa-2024-181-security-update-for-dell-secure-connect-gateway-application-and-appliance-vulnerabilities

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2024-29169

Trust: 0.8

sources: JVNDB: JVNDB-2024-018095 // NVD: CVE-2024-29169

SOURCES

db:JVNDBid:JVNDB-2024-018095
db:NVDid:CVE-2024-29169

LAST UPDATE DATE

2025-05-22T23:10:33.349000+00:00


SOURCES UPDATE DATE

db:JVNDBid:JVNDB-2024-018095date:2025-02-05T08:13:00
db:NVDid:CVE-2024-29169date:2025-05-20T18:01:26.610

SOURCES RELEASE DATE

db:JVNDBid:JVNDB-2024-018095date:2025-02-05T00:00:00
db:NVDid:CVE-2024-29169date:2024-06-13T16:15:10.610