{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-12T16:57:37.265","vulnerabilities":[{"cve":{"id":"CVE-2024-24900","sourceIdentifier":"security_alert@emc.com","published":"2024-03-01T13:15:08.090","lastModified":"2025-05-20T18:54:40.643","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Dell Secure Connect Gateway (SCG) Policy Manager, all versions, contain an improper authorization vulnerability. An adjacent network low privileged attacker could potentially exploit this vulnerability, leading to unauthorized devices added to policies. Exploitation may lead to information disclosure and unauthorized access to the system."},{"lang":"es","value":"Dell Secure Connect Gateway (SCG) Policy Manager, todas las versiones, contiene una vulnerabilidad de autorización incorrecta. Un atacante con pocos privilegios en una red adyacente podría explotar esta vulnerabilidad, lo que provocaría que se agreguen dispositivos no autorizados a las políticas. La explotación puede dar lugar a la divulgación de información y al acceso no autorizado al sistema."}],"metrics":{"cvssMetricV31":[{"source":"security_alert@emc.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N","baseScore":5.8,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.5,"impactScore":4.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.1,"impactScore":5.2}]},"weaknesses":[{"source":"security_alert@emc.com","type":"Secondary","description":[{"lang":"en","value":"CWE-285"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:dell:policy_manager_for_secure_connect_gateway:*:*:*:*:*:*:*:*","versionEndExcluding":"5.22.00.16","matchCriteriaId":"B2CBF543-D201-4529-A712-6E54C7577DE4"}]}]}],"references":[{"url":"https://www.dell.com/support/kbdoc/en-us/000222330/dsa-2024-077-security-update-for-dell-secure-connect-gateway-policy-manager-vulnerabilities","source":"security_alert@emc.com","tags":["Patch","Vendor Advisory"]},{"url":"https://www.dell.com/support/kbdoc/en-us/000222330/dsa-2024-077-security-update-for-dell-secure-connect-gateway-policy-manager-vulnerabilities","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}}]}