Improper Authorization Vulnerability in Wyse Management Suite by Dell
CVE-2023-32482

4.9MEDIUM

Key Information:

Vendor: Dell
Status: Wyse Management Suite
Vendor: CVE Published:; 20 July 2023

Summary

Wyse Management Suite versions before 4.0 are susceptible to an improper authorization vulnerability. This flaw allows an authenticated attacker with privileged access to erroneously push configurations to unauthorized tenant groups, potentially compromising the integrity of system management and data security.

Affected Version(s)

Wyse Management Suite 4.0 and below

References

https://www.dell.com/support/kbdoc/en-us/000215351/dsa-20...

vendor-advisory

CVSS V3.1

Score:

4.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 20, 2023
Vulnerability Reserved
May 9, 2023