Details of VAR-202503-0879

ID

VAR-202503-0879

CVE

CVE-2025-26475

TITLE

Dell's secure connect gateway Authentication vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2025-005340

DESCRIPTION

Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.26, Enables Live-Restore setting which enhances security by keeping containers running during daemon restarts, reducing attack exposure, preventing accidental misconfigurations, and ensuring security controls remain active. Dell's secure connect gateway There is an authentication vulnerability in.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Trust: 1.62

sources: NVD: CVE-2025-26475 // JVNDB: JVNDB-2025-005340

AFFECTED PRODUCTS

vendor:	dell	model:	secure connect gateway	scope:	eq	version:	5.26.00.20	Trust: 1.0
vendor:	デル	model:	secure connect gateway	scope:	eq	version:	5.26.00.20	Trust: 0.8
vendor:	デル	model:	secure connect gateway	scope:	eq	version:	-	Trust: 0.8
vendor:	デル	model:	secure connect gateway	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2025-005340 // NVD: CVE-2025-26475

CVSS

SEVERITY

CVSSV2

CVSSV3

security_alert@emc.com:	CVE-2025-26475
value:	MEDIUM
Trust: 1.0
nvd@nist.gov:	CVE-2025-26475
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2025-26475
value:	MEDIUM
Trust: 0.8

security_alert@emc.com:	CVE-2025-26475
baseSeverity:	MEDIUM
baseScore:	5.5
vectorString:	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	LOW
userInteraction:	REQUIRED
scope:	CHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	LOW
exploitabilityScore:	1.3
impactScore:	3.7
version:	3.1
Trust: 2.0
NVD:	CVE-2025-26475
baseSeverity:	MEDIUM
baseScore:	5.5
vectorString:	CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	LOW
userInteraction:	REQUIRED
scope:	CHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	LOW
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2025-005340 // NVD: CVE-2025-26475 // NVD: CVE-2025-26475

PROBLEMTYPE DATA

problemtype:	CWE-287	Trust: 1.0
problemtype:	Inappropriate authentication (CWE-287) [ others ]	Trust: 0.8

sources: JVNDB: JVNDB-2025-005340 // NVD: CVE-2025-26475

EXTERNAL IDS

db:	NVD	id:	CVE-2025-26475	Trust: 2.6
db:	JVNDB	id:	JVNDB-2025-005340	Trust: 0.8

sources: JVNDB: JVNDB-2025-005340 // NVD: CVE-2025-26475

REFERENCES

url:	https://www.dell.com/support/kbdoc/en-uk/000291028/dell-secure-connect-gateway-security-update-for-multiple-third-party-component-vulnerabilities	Trust: 1.8
url:	https://nvd.nist.gov/vuln/detail/cve-2025-26475	Trust: 0.8

sources: JVNDB: JVNDB-2025-005340 // NVD: CVE-2025-26475

SOURCES

db:	JVNDB	id:	JVNDB-2025-005340
db:	NVD	id:	CVE-2025-26475

LAST UPDATE DATE

2025-05-23T23:23:13.224000+00:00

SOURCES UPDATE DATE

db:	JVNDB	id:	JVNDB-2025-005340	date:	2025-05-21T02:14:00
db:	NVD	id:	CVE-2025-26475	date:	2025-05-20T18:01:18.020

SOURCES RELEASE DATE

db:	JVNDB	id:	JVNDB-2025-005340	date:	2025-05-21T00:00:00
db:	NVD	id:	CVE-2025-26475	date:	2025-03-19T16:15:31.030