CVE-2023-44294
CVSS V2 None
CVSS V3 None
Description
In Dell Secure Connect Gateway Application and Secure Connect Gateway Appliance (between v5.10.00.00 and v5.18.00.00), a security concern has been identified, where a malicious user with a valid User session may inject malicious content in filters of Collection Rest API.
This issue may potentially lead to unintentional information disclosure from the product database.
Overview
- CVE ID
- CVE-2023-44294
- Assigner
- dell
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-02-14T08:24:00.579Z
- Last Modified Date
- 2024-02-14T08:24:00.579Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://www.dell.com/support/kbdoc/en-us/000219372/dsa-2023-403-security-update-for-dell-secure-connect-gateway-application-and-appliance-vulnerabilities | vendor-advisory |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2023-44294 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44294 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-06-25 12:13:03 | Added to TrackCVE |