Sensitive Information Disclosure in Dell Wyse ThinOS
CVE-2021-21597

7.2HIGH

Key Information:

Vendor: Dell
Status: Wyse Thinos
Vendor: CVE Published:; 10 August 2021

Summary

Dell Wyse ThinOS version 9.0 is susceptible to a sensitive information disclosure vulnerability. This issue allows an authenticated malicious user with physical access to the system to exploit the vulnerability and potentially access sensitive information contained in the log files. Proper security measures should be established to prevent unauthorized physical access to devices running this version.

Affected Version(s)

Wyse ThinOS 9.0

References

https://www.dell.com/support/kbdoc/000189543

x_refsource_MISC

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Aug 10, 2021
Vulnerability Reserved
Jan 4, 2021