CVE-2024-22458

EPSS 0.09%
Published 01.03.2024 11:15:07
Last modified 04.12.2024 17:19:03
Source security_alert@emc.com
Teams watchlist Login
Open Login

Dell Secure Connect Gateway, 5.18, contains an Inadequate Encryption Strength Vulnerability. An unauthenticated network attacker could potentially exploit this vulnerability, allowing an attacker to recover plaintext from a block of ciphertext.

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Dell ≫ Secure Connect Gateway Version5.18.00.20

Dell ≫ Secure Connect Gateway Version5.20.00.10

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.09%	0.262

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.3	3.9	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
security_alert@emc.com	3.7	2.2	1.4	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

CWE-327 Use of a Broken or Risky Cryptographic Algorithm

The product uses a broken or risky cryptographic algorithm or protocol.

https://www.dell.com/support/kbdoc/en-us/000222433/dsa-2024-076-security-update-for-dell-secure-connect-gateway-appliance-vulnerabilities

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2024-22458

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-22458

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-22458

EUVD