CVE-2024-24903 (GCVE-0-2024-24903)
Vulnerability from cvelistv5 – Published: 2024-03-01 13:30 – Updated: 2024-08-05 18:42
VLAI?
Summary
Dell Secure Connect Gateway (SCG) Policy Manager, version 5.10+, contain a weak password recovery mechanism for forgotten passwords. An adjacent network low privileged attacker could potentially exploit this vulnerability, leading to unauthorized access to the application with privileges of the compromised account. The attacker could retrieve the reset password token without authorization and then perform the password change.
Severity ?
CWE
- CWE-640 - Weak Password Recovery Mechanism for Forgotten Password
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Dell | Secure Connect Gateway (SCG) Policy Manager |
Affected:
5.10 , ≤ 5.20.00.16
(semver)
|
Credits
kosmosec
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:28:12.904Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000222330/dsa-2024-077-security-update-for-dell-secure-connect-gateway-policy-manager-vulnerabilities"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:dell:secure_connect_gateway_policy_manager:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "secure_connect_gateway_policy_manager",
"vendor": "dell",
"versions": [
{
"lessThanOrEqual": "5.20.00.16",
"status": "affected",
"version": "5.10",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-24903",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-05T18:40:31.633396Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-05T18:42:07.112Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Secure Connect Gateway (SCG) Policy Manager",
"vendor": "Dell",
"versions": [
{
"lessThanOrEqual": "5.20.00.16",
"status": "affected",
"version": "5.10",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "kosmosec"
}
],
"datePublic": "2024-02-29T06:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Dell Secure Connect Gateway (SCG) Policy Manager, version 5.10+, contain a weak password recovery mechanism for forgotten passwords. An adjacent network low privileged attacker could potentially exploit this vulnerability, leading to unauthorized access to the application with privileges of the compromised account. The attacker could retrieve the reset password token without authorization and then perform the password change."
}
],
"value": "Dell Secure Connect Gateway (SCG) Policy Manager, version 5.10+, contain a weak password recovery mechanism for forgotten passwords. An adjacent network low privileged attacker could potentially exploit this vulnerability, leading to unauthorized access to the application with privileges of the compromised account. The attacker could retrieve the reset password token without authorization and then perform the password change."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-640",
"description": "CWE-640: Weak Password Recovery Mechanism for Forgotten Password",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-01T13:30:30.579Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000222330/dsa-2024-077-security-update-for-dell-secure-connect-gateway-policy-manager-vulnerabilities"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2024-24903",
"datePublished": "2024-03-01T13:30:30.579Z",
"dateReserved": "2024-02-01T13:40:59.758Z",
"dateUpdated": "2024-08-05T18:42:07.112Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:dell:secure_connect_gateway:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"5.10.00.10\", \"versionEndExcluding\": \"5.22.00.16\", \"matchCriteriaId\": \"92F6556D-7B58-4EEC-8223-6136973E083A\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Dell Secure Connect Gateway (SCG) Policy Manager, version 5.10+, contain a weak password recovery mechanism for forgotten passwords. An adjacent network low privileged attacker could potentially exploit this vulnerability, leading to unauthorized access to the application with privileges of the compromised account. The attacker could retrieve the reset password token without authorization and then perform the password change.\"}, {\"lang\": \"es\", \"value\": \"Dell Secure Connect Gateway (SCG) Policy Manager, versi\\u00f3n 5.10+, contiene un mecanismo d\\u00e9bil de recuperaci\\u00f3n de contrase\\u00f1as olvidadas. Un atacante con pocos privilegios en una red adyacente podr\\u00eda explotar esta vulnerabilidad, lo que provocar\\u00eda un acceso no autorizado a la aplicaci\\u00f3n con privilegios de la cuenta comprometida. El atacante podr\\u00eda recuperar el token de restablecimiento de contrase\\u00f1a sin autorizaci\\u00f3n y luego realizar el cambio de contrase\\u00f1a.\"}]",
"id": "CVE-2024-24903",
"lastModified": "2024-12-05T16:45:06.087",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"security_alert@emc.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 8.0, \"baseSeverity\": \"HIGH\", \"attackVector\": \"ADJACENT_NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.1, \"impactScore\": 5.9}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 8.0, \"baseSeverity\": \"HIGH\", \"attackVector\": \"ADJACENT_NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.1, \"impactScore\": 5.9}]}",
"published": "2024-03-01T14:15:53.320",
"references": "[{\"url\": \"https://www.dell.com/support/kbdoc/en-us/000222330/dsa-2024-077-security-update-for-dell-secure-connect-gateway-policy-manager-vulnerabilities\", \"source\": \"security_alert@emc.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://www.dell.com/support/kbdoc/en-us/000222330/dsa-2024-077-security-update-for-dell-secure-connect-gateway-policy-manager-vulnerabilities\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}]",
"sourceIdentifier": "security_alert@emc.com",
"vulnStatus": "Analyzed",
"weaknesses": "[{\"source\": \"security_alert@emc.com\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-640\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-24903\",\"sourceIdentifier\":\"security_alert@emc.com\",\"published\":\"2024-03-01T14:15:53.320\",\"lastModified\":\"2025-05-20T18:56:09.483\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Dell Secure Connect Gateway (SCG) Policy Manager, version 5.10+, contain a weak password recovery mechanism for forgotten passwords. An adjacent network low privileged attacker could potentially exploit this vulnerability, leading to unauthorized access to the application with privileges of the compromised account. The attacker could retrieve the reset password token without authorization and then perform the password change.\"},{\"lang\":\"es\",\"value\":\"Dell Secure Connect Gateway (SCG) Policy Manager, versi\u00f3n 5.10+, contiene un mecanismo d\u00e9bil de recuperaci\u00f3n de contrase\u00f1as olvidadas. Un atacante con pocos privilegios en una red adyacente podr\u00eda explotar esta vulnerabilidad, lo que provocar\u00eda un acceso no autorizado a la aplicaci\u00f3n con privilegios de la cuenta comprometida. El atacante podr\u00eda recuperar el token de restablecimiento de contrase\u00f1a sin autorizaci\u00f3n y luego realizar el cambio de contrase\u00f1a.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security_alert@emc.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.0,\"baseSeverity\":\"HIGH\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.1,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.0,\"baseSeverity\":\"HIGH\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.1,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"security_alert@emc.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-640\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:dell:policy_manager_for_secure_connect_gateway:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.10.00.10\",\"versionEndExcluding\":\"5.22.00.16\",\"matchCriteriaId\":\"6B43A85D-413C-4D5A-A2C0-A6A75A4A0381\"}]}]}],\"references\":[{\"url\":\"https://www.dell.com/support/kbdoc/en-us/000222330/dsa-2024-077-security-update-for-dell-secure-connect-gateway-policy-manager-vulnerabilities\",\"source\":\"security_alert@emc.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.dell.com/support/kbdoc/en-us/000222330/dsa-2024-077-security-update-for-dell-secure-connect-gateway-policy-manager-vulnerabilities\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.dell.com/support/kbdoc/en-us/000222330/dsa-2024-077-security-update-for-dell-secure-connect-gateway-policy-manager-vulnerabilities\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-01T23:28:12.904Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-24903\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-08-05T18:40:31.633396Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:dell:secure_connect_gateway_policy_manager:*:*:*:*:*:*:*:*\"], \"vendor\": \"dell\", \"product\": \"secure_connect_gateway_policy_manager\", \"versions\": [{\"status\": \"affected\", \"version\": \"5.10\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.20.00.16\"}], \"defaultStatus\": \"unaffected\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-08-05T18:41:55.396Z\"}}], \"cna\": {\"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"user\": \"00000000-0000-4000-9000-000000000000\", \"value\": \"kosmosec\"}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8, \"attackVector\": \"ADJACENT_NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Dell\", \"product\": \"Secure Connect Gateway (SCG) Policy Manager\", \"versions\": [{\"status\": \"affected\", \"version\": \"5.10\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.20.00.16\"}], \"defaultStatus\": \"unaffected\"}], \"datePublic\": \"2024-02-29T06:30:00.000Z\", \"references\": [{\"url\": \"https://www.dell.com/support/kbdoc/en-us/000222330/dsa-2024-077-security-update-for-dell-secure-connect-gateway-policy-manager-vulnerabilities\", \"tags\": [\"vendor-advisory\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Dell Secure Connect Gateway (SCG) Policy Manager, version 5.10+, contain a weak password recovery mechanism for forgotten passwords. An adjacent network low privileged attacker could potentially exploit this vulnerability, leading to unauthorized access to the application with privileges of the compromised account. The attacker could retrieve the reset password token without authorization and then perform the password change.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Dell Secure Connect Gateway (SCG) Policy Manager, version 5.10+, contain a weak password recovery mechanism for forgotten passwords. An adjacent network low privileged attacker could potentially exploit this vulnerability, leading to unauthorized access to the application with privileges of the compromised account. The attacker could retrieve the reset password token without authorization and then perform the password change.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-640\", \"description\": \"CWE-640: Weak Password Recovery Mechanism for Forgotten Password\"}]}], \"providerMetadata\": {\"orgId\": \"c550e75a-17ff-4988-97f0-544cde3820fe\", \"shortName\": \"dell\", \"dateUpdated\": \"2024-03-01T13:30:30.579Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-24903\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-05T18:42:07.112Z\", \"dateReserved\": \"2024-02-01T13:40:59.758Z\", \"assignerOrgId\": \"c550e75a-17ff-4988-97f0-544cde3820fe\", \"datePublished\": \"2024-03-01T13:30:30.579Z\", \"assignerShortName\": \"dell\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…