Sign-up

ID

VAR-202604-0143


CVE

CVE-2026-27101


TITLE

Dell's secure connect gateway Past traversal vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2026-009973

DESCRIPTION

Dell Secure Connect Gateway (SCG) 5.0 Appliance and Application version(s) 5.28.00.xx to 5.32.00.xx, contain(s) an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability. A high privileged attacker within the management network could potentially exploit this vulnerability, leading to remote execution. All information handled by the software may be rewritten. Furthermore, the software may stop working completely. Furthermore, attacks that exploit this vulnerability will not affect other software

Trust: 1.62

sources: NVD: CVE-2026-27101 // JVNDB: JVNDB-2026-009973

AFFECTED PRODUCTS

vendor:dellmodel:secure connect gatewayscope:ltversion:5.34.00.00

Trust: 1.0

vendor:dellmodel:secure connect gatewayscope:gteversion:5.28.00.00

Trust: 1.0

vendor:デルmodel:secure connect gatewayscope:eqversion: -

Trust: 0.8

vendor:デルmodel:secure connect gatewayscope: - version: -

Trust: 0.8

vendor:デルmodel:secure connect gatewayscope:eqversion:5.28.00.00 that's all 5.34.00.00

Trust: 0.8

sources: JVNDB: JVNDB-2026-009973 // NVD: CVE-2026-27101

CVSS

SEVERITY

CVSSV2

CVSSV3

security_alert@emc.com: CVE-2026-27101
value: MEDIUM

Trust: 1.0

nvd@nist.gov: CVE-2026-27101
value: HIGH

Trust: 1.0

NVD: CVE-2026-27101
value: HIGH

Trust: 0.8

security_alert@emc.com: CVE-2026-27101
baseSeverity: MEDIUM
baseScore: 4.7
vectorString: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: LOW
exploitabilityScore: 1.2
impactScore: 3.4
version: 3.1

Trust: 1.0

nvd@nist.gov: CVE-2026-27101
baseSeverity: HIGH
baseScore: 7.2
vectorString: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.2
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2026-27101
baseSeverity: HIGH
baseScore: 7.2
vectorString: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2026-009973 // NVD: CVE-2026-27101 // NVD: CVE-2026-27101

PROBLEMTYPE DATA

problemtype:CWE-22

Trust: 1.0

problemtype:Path traversal (CWE-22) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2026-009973 // NVD: CVE-2026-27101

PATCH

title:DSA-2026-020url:https://www.dell.com/support/kbdoc/en-us/000438589/dsa-2026-020-security-update-for-dell-secure-connect-gateway-application-and-appliance-vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2026-009973

EXTERNAL IDS

db:NVDid:CVE-2026-27101

Trust: 2.6

db:JVNDBid:JVNDB-2026-009973

Trust: 0.8

sources: JVNDB: JVNDB-2026-009973 // NVD: CVE-2026-27101

REFERENCES

url:https://www.dell.com/support/kbdoc/en-us/000438589/dsa-2026-020-security-update-for-dell-secure-connect-gateway-application-and-appliance-vulnerabilities

Trust: 1.0

url:https://nvd.nist.gov/vuln/detail/cve-2026-27101

Trust: 0.8

sources: JVNDB: JVNDB-2026-009973 // NVD: CVE-2026-27101

SOURCES

db:JVNDBid:JVNDB-2026-009973
db:NVDid:CVE-2026-27101

LAST UPDATE DATE

2026-04-07T23:25:06.676000+00:00


SOURCES UPDATE DATE

db:JVNDBid:JVNDB-2026-009973date:2026-04-06T02:58:00
db:NVDid:CVE-2026-27101date:2026-04-02T20:42:37.060

SOURCES RELEASE DATE

db:JVNDBid:JVNDB-2026-009973date:2026-04-06T00:00:00
db:NVDid:CVE-2026-27101date:2026-04-01T08:16:05.270