Cross-Site Request Forgery Vulnerability in Dell Wyse Management Suite
CVE-2025-36576

2.7LOW

Key Information:

Vendor: Dell
Status: Wyse Management Suite
Vendor: CVE Published:; 10 June 2025

What is CVE-2025-36576?

The Dell Wyse Management Suite, specifically in versions released prior to 5.2, is susceptible to a Cross-Site Request Forgery (CSRF) vulnerability. This allows a high-privileged attacker with remote access to exploit the weakness, potentially leading to unauthorized server-side requests. If exploited, this vulnerability could enable attackers to perform actions on behalf of users without their consent or knowledge, jeopardizing sensitive information and the overall integrity of the server.

Affected Version(s)

Wyse Management Suite < 5.2

References

https://www.dell.com/support/kbdoc/en-us/000325679/dsa-20...

vendor-advisory

CVSS V3.1

Score:

2.7

Severity:

LOW

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 10, 2025
Vulnerability Reserved
Apr 15, 2025