Sensitive Data Exposure in Dell Wyse Device Agent Software
CVE-2021-36341

5.5MEDIUM

Key Information:

Vendor: Dell
Status: Dell Wyse Device Agent
Vendor: CVE Published:; 21 December 2021

Summary

The Dell Wyse Device Agent software, specifically versions up to and including 14.5.4.1, is susceptible to a vulnerability that allows a local authenticated user with limited access to potentially exploit and retrieve sensitive information. This could pose significant risks to data confidentiality, making it vital for organizations using this software to assess and mitigate potential exposure.

Affected Version(s)

Dell Wyse Device Agent <= 14.5.4.1

References

https://www.dell.com/support/kbdoc/en-us/000193151

x_refsource_MISC

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 21, 2021
Vulnerability Reserved
Jul 8, 2021