{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-10T09:07:22.953","vulnerabilities":[{"cve":{"id":"CVE-2023-44294","sourceIdentifier":"security_alert@emc.com","published":"2024-02-14T09:15:35.743","lastModified":"2024-11-21T08:25:36.477","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"\nIn Dell Secure Connect Gateway Application and Secure Connect Gateway Appliance (between v5.10.00.00 and v5.18.00.00), a security concern has been identified, where a malicious user with a valid User session may inject malicious content in filters of Collection Rest API. \nThis issue may potentially lead to unintentional information disclosure from the product database.\n\n"},{"lang":"es","value":"En la aplicación Dell Secure Connect Gateway y el dispositivo Secure Connect Gateway (entre v5.10.00.00 y v5.18.00.00), se identificó un problema de seguridad en el que un usuario malintencionado con una sesión de usuario válida puede inyectar contenido malicioso en los filtros API de resto de colección. Este problema puede provocar potencialmente la divulgación involuntaria de información de la base de datos del producto."}],"metrics":{"cvssMetricV31":[{"source":"security_alert@emc.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}]},"weaknesses":[{"source":"security_alert@emc.com","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:dell:secure_connect_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"5.10.00.00","versionEndExcluding":"5.20.00.00","matchCriteriaId":"EDCB5C0A-8486-4562-B045-1F5D2A42818B"}]}]}],"references":[{"url":"https://www.dell.com/support/kbdoc/en-us/000219372/dsa-2023-403-security-update-for-dell-secure-connect-gateway-application-and-appliance-vulnerabilities","source":"security_alert@emc.com","tags":["Vendor Advisory"]},{"url":"https://www.dell.com/support/kbdoc/en-us/000219372/dsa-2023-403-security-update-for-dell-secure-connect-gateway-application-and-appliance-vulnerabilities","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}