Improper Access Control in Dell Wyse Management Suite
CVE-2022-33931

6.3MEDIUM

Key Information:

Vendor: Dell
Status: Wyse Management Suite
Vendor: CVE Published:; 10 August 2022

Summary

Dell Wyse Management Suite versions 3.6.1 and earlier are susceptible to an improper access control vulnerability within their user interface. This flaw allows an unauthorized attacker to manipulate alert categories without having access to the Alert Classification page, potentially compromising the integrity of the system's alert management. Organizations utilizing these affected versions should prioritize updating to mitigate this security risk.

Affected Version(s)

Wyse Management Suite < 3.7

References

https://www.dell.com/support/kbdoc/en-us/000201383/dsa-20...

x_refsource_MISC

CVSS V3.1

Score:

6.3

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Aug 10, 2022
Vulnerability Reserved
Jun 17, 2022