Sensitive Information Disclosure Vulnerability in Dell Telemetry Dashboard
CVE-2024-30472

5.5MEDIUM

Key Information:

Vendor: Dell
Status: Wyse 5070 Thin Client
Vendor: CVE Published:; 13 June 2024

Summary

Telemetry Dashboard v1.0.0.8 for Dell ThinOS 2402 contains a sensitive information disclosure vulnerability. An unauthenticated user with local access to the device could exploit this vulnerability leading to information disclosure.

Affected Version(s)

Wyse 5070 Thin Client Telemetry Dashboard v1.0.0.8 on Thin OS 2402

References

https://www.dell.com/support/kbdoc/en-us/000225289/dsa-20...

vendor-advisory

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 13, 2024
Vulnerability Reserved
Mar 27, 2024

Credit

Dell would like to thank matrixpdb for reporting this issue.