PT-2024-22775 · Dell · Dell Scg

Saltedfish · Published 2024-06-13 · Updated 2024-08-06 · CVE-2024-29168

CVSS v3.1: 8.8 High

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Dell SCG versions prior to 5.22.00.00

Description

The issue concerns a SQL Injection Vulnerability in the SCG UI for an internal assets REST API. A remote authenticated attacker could potentially exploit this, leading to the execution of certain SQL commands on the application's backend database, causing potential unauthorized access and modification of application data.

Recommendations

For versions prior to 5.22.00.00, update to version 5.22.00.00 or later to resolve the issue. As a temporary workaround, consider restricting access to the internal assets REST API to minimize the risk of exploitation.

Fix

SQL injection

Weakness Enumeration

Related Identifiers

CVE-2024-29168

Affected Products

Dell Scg