Improper Access Control in Dell Wyse Management Suite
CVE-2022-33924

4.3MEDIUM

Key Information:

Vendor: Dell
Status: Wyse Management Suite
Vendor: CVE Published:; 10 August 2022

What is CVE-2022-33924?

Dell Wyse Management Suite versions 3.6.1 and earlier are susceptible to an improper access control vulnerability. This weakness allows attackers without necessary access privileges to exploit the system and create unauthorized rules, potentially leading to further compromises. It is critical for users to apply security updates promptly to mitigate any associated risks.

Affected Version(s)

Wyse Management Suite < 3.7

References

https://www.dell.com/support/kbdoc/en-us/000201383/dsa-20...

x_refsource_MISC

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 10, 2022
Vulnerability Reserved
Jun 17, 2022