Dell Policy Manager Secure Connect Gateway
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Dell Policy Manager Secure Connect Gateway.
By the Year
In 2026 there have been 0 vulnerabilities in Dell Policy Manager Secure Connect Gateway. Policy Manager Secure Connect Gateway did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 7 | 7.93 |
| 2023 | 5 | 8.62 |
It may take a day or so for new Policy Manager Secure Connect Gateway vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Dell Policy Manager Secure Connect Gateway Security Vulnerabilities
SCG Policy Manager CORP Overly Permissive Vulnerability
CVE-2024-37131
9.8 - Critical
- June 13, 2024
SCG Policy Manager, all versions, contains an overly permissive Cross-Origin Resource Policy (CORP) vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the execution of malicious actions on the application in the context of the authenticated user.
Incorrect Comparison
Dell SCG Policy Manager Stored XSS via Filters Page
CVE-2024-24907
7.6 - High
- March 01, 2024
Dell Secure Connect Gateway (SCG) Policy Manager, all versions, contain(s) a Stored Cross-Site Scripting Vulnerability in the Filters page. An adjacent network high privileged attacker could potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a trusted application data store. When a victim user accesses the data store through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable web application. Exploitation may lead to information disclosure, session theft, or client-side request forgery.
XSS
Dell SCG Policy Manager: Stored XSS can lead to code exec
CVE-2024-24905
7.6 - High
- March 01, 2024
Dell Secure Connect Gateway (SCG) Policy Manager, all versions, contain(s) a Stored Cross-Site Scripting Vulnerability. An adjacent network high privileged attacker could potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a trusted application data store. When a victim user accesses the data store through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable web application. Exploitation may lead to information disclosure, session theft, or client-side request forgery.
XSS
Dell SCG Policy Manager Stored XSS (CVE-2024-24904)
CVE-2024-24904
7.6 - High
- March 01, 2024
Dell Secure Connect Gateway (SCG) Policy Manager, all versions, contain(s) a Stored Cross-Site Scripting Vulnerability. An adjacent network high privileged attacker could potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a trusted application data store. When a victim user accesses the data store through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable web application. Exploitation may lead to information disclosure, session theft, or client-side request forgery.
XSS
Dell SCG Policy Manager weak pass reset token leakage (before 5.10)
CVE-2024-24903
8 - High
- March 01, 2024
Dell Secure Connect Gateway (SCG) Policy Manager, version 5.10+, contain a weak password recovery mechanism for forgotten passwords. An adjacent network low privileged attacker could potentially exploit this vulnerability, leading to unauthorized access to the application with privileges of the compromised account. The attacker could retrieve the reset password token without authorization and then perform the password change.
Weak Password Recovery Mechanism for Forgotten Password
Dell Secure Connect GW Policy Manager Stored XSS
CVE-2024-24906
7.6 - High
- March 01, 2024
Dell Secure Connect Gateway (SCG) Policy Manager, all versions, contain(s) a Stored Cross-Site Scripting Vulnerability in Policy page. An adjacent network high privileged attacker could potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a trusted application data store. When a victim user accesses the data store through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable web application. Exploitation may lead to information disclosure, session theft, or client-side request forgery.
XSS
Dell SCG Policy Manager Improper Auth: Allows Unauthorized Device Addition
CVE-2024-24900
7.3 - High
- March 01, 2024
Dell Secure Connect Gateway (SCG) Policy Manager, all versions, contain an improper authorization vulnerability. An adjacent network low privileged attacker could potentially exploit this vulnerability, leading to unauthorized devices added to policies. Exploitation may lead to information disclosure and unauthorized access to the system.
AuthZ
Dell SCG Policy Manager 5.16.00.14 broken crypto algo enabling MitM
CVE-2023-39252
5.9 - Medium
- September 21, 2023
Dell SCG Policy Manager 5.16.00.14 contains a broken cryptographic algorithm vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability by performing MitM attacks and let attackers obtain sensitive information.
Use of a Broken or Risky Cryptographic Algorithm
Hardcoded Password in Dell EMC SCG Policy Manager 5.105.12
CVE-2022-34462
7.8 - High
- January 18, 2023
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a Hard-coded Password Vulnerability. An attacker, with the knowledge of the hard-coded credentials, could potentially exploit this vulnerability to login to the system to gain admin privileges.
Use of Hard-coded Credentials
Dell EMC SCG Policy Manager 5.10-5.12 Hard-coded Key Vulnerability
CVE-2022-34442
9.8 - Critical
- January 18, 2023
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded Cryptographic Key vulnerability. An attacker with the knowledge of the hard-coded sensitive information, could potentially exploit this vulnerability to login to the system to gain LDAP user privileges.
Use of Hard-coded Credentials
Dell EMC SCG Policy Manager Hard-Coded Cryptographic Key (v5.10-5.12)
CVE-2022-34441
9.8 - Critical
- January 11, 2023
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded Cryptographic Key vulnerability. An attacker with the knowledge of the hard-coded sensitive information, could potentially exploit this vulnerability to login to the system to gain admin privileges.
Use of Hard-coded Credentials
Dell EMC SCG Policy Manager 5.10-5.12 Hard-Coded Key CVE-2022-34440
CVE-2022-34440
9.8 - Critical
- January 11, 2023
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded Cryptographic Key vulnerability. An attacker with the knowledge of the hard-coded sensitive information, could potentially exploit this vulnerability to login to the system to gain admin privileges.
Use of Hard-coded Credentials
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Dell Policy Manager Secure Connect Gateway or by Dell? Click the Watch button to subscribe.
