Sensitive Information Disclosure in Wyse Management Suite by Dell
CVE-2023-32483

4.4MEDIUM

Key Information:

Vendor: Dell
Status: Wyse Management Suite
Vendor: CVE Published:; 20 July 2023

Summary

Wyse Management Suite versions prior to 4.0 are susceptible to a sensitive information disclosure vulnerability, which can be exploited by an authenticated attacker with local system access. This vulnerability enables the malicious actor to read sensitive data logged by the application, posing a significant risk to data confidentiality.

Affected Version(s)

Wyse Management Suite 4.0 and below

References

https://www.dell.com/support/kbdoc/en-us/000215351/dsa-20...

vendor-advisory

CVSS V3.1

Score:

4.4

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 20, 2023
Vulnerability Reserved
May 9, 2023