Unintentional Information Disclosure Vulnerability in Dell Secure Connect Gateway Application and Appliance

Unintentional Information Disclosure Vulnerability in Dell Secure Connect Gateway Application and Appliance

CVE-2023-44294 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

In Dell Secure Connect Gateway Application and Secure Connect Gateway Appliance (between v5.10.00.00 and v5.18.00.00), a security concern has been identified, where a malicious user with a valid User session may inject malicious content in filters of Collection Rest API. This issue may potentially lead to unintentional information disclosure from the product database.

Learn more about our Api Penetration Testing.