CVE-2024-51539

Name of the Vulnerable Software and Affected Versions Dell Secure Connect Gateway (SCG) Application and Appliance versions prior to 5.28

Description The issue is due to improper neutralization of special elements used in an SQL command, leading to a SQL injection vulnerability. This can be exploited locally on the affected system by a high-privilege attacker, potentially resulting in the disclosure of non-sensitive information that does not include any customer data.

Recommendations For versions prior to 5.28, update to version 5.28 or later to resolve the issue. As a temporary workaround, consider restricting local access to the system to minimize the risk of exploitation.