{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T18:38:23.326","vulnerabilities":[{"cve":{"id":"CVE-2024-29168","sourceIdentifier":"security_alert@emc.com","published":"2024-06-13T15:15:52.433","lastModified":"2024-11-21T09:07:42.920","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Dell SCG, versions prior to 5.22.00.00, contain a SQL Injection Vulnerability in the SCG UI for an internal assets REST API. A remote authenticated attacker could potentially exploit this vulnerability, leading to the execution of certain SQL commands on the application's backend database causing potential unauthorized access and modification of application data."},{"lang":"es","value":"Dell SCG, versiones anteriores a 5.22.00.00, contienen una vulnerabilidad de inyección SQL en la interfaz de usuario de SCG para una API REST de activos internos. Un atacante autenticado remoto podría explotar esta vulnerabilidad, lo que llevaría a la ejecución de ciertos comandos SQL en la base de datos backend de la aplicación, lo que provocaría un posible acceso no autorizado y modificación de los datos de la aplicación."}],"metrics":{"cvssMetricV31":[{"source":"security_alert@emc.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"security_alert@emc.com","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:dell:secure_connect_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"5.18.00.20","versionEndIncluding":"5.22.00.18","matchCriteriaId":"E22B308F-DD41-4598-81D0-5A10E43372DB"}]}]}],"references":[{"url":"https://www.dell.com/support/kbdoc/en-us/000225910/dsa-2024-181-security-update-for-dell-secure-connect-gateway-application-and-appliance-vulnerabilities","source":"security_alert@emc.com","tags":["Vendor Advisory"]},{"url":"https://www.dell.com/support/kbdoc/en-us/000225910/dsa-2024-181-security-update-for-dell-secure-connect-gateway-application-and-appliance-vulnerabilities","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}