Information Disclosure Vulnerability in Dell Wyse Management Suite
CVE-2022-33930

4.3MEDIUM

Key Information:

Vendor: Dell
Status: Wyse Management Suite
Vendor: CVE Published:; 10 August 2022

What is CVE-2022-33930?

The Dell Wyse Management Suite, specifically version 3.6.1 and earlier, is susceptible to a vulnerability that can lead to information disclosure. This issue arises from improper handling of error pages in devices managed by the suite. Attackers exploiting this vulnerability could potentially gain access to sensitive information, which might be leveraged to conduct further attacks or enhance their malicious research efforts. It is crucial for users to ensure they are running the latest version and to apply security updates to mitigate the risks associated with this vulnerability.

Affected Version(s)

Wyse Management Suite < 3.7

References

https://www.dell.com/support/kbdoc/en-us/000201383/dsa-20...

x_refsource_MISC

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 10, 2022
Vulnerability Reserved
Jun 17, 2022