DSA-2021-144: Dell Wyse ThinOS Security Update for Multiple Vulnerabilities

상세한 문서

영향

세부 정보

영향을 받는 제품 및 문제 해결

개정 내역

요약: Dell Wyse ThinOS (9.x) remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system.

이 문서는 다음에 적용됩니다. 이 문서는 다음에 적용되지 않습니다. 이 문서는 특정 제품과 관련이 없습니다. 모든 제품 버전이 이 문서에 나와 있는 것은 아닙니다.

High

Proprietary Code CVEs	Description	CVSS Base Score	CVSS Vector String
CVE-2021-21597	Dell Wyse ThinOS (9.x), version 9.0, contains a Sensitive Information Disclosure Vulnerability. An authenticated malicious user with physical access to the system may exploit this vulnerability to read sensitive information written to the log files.	7.2	CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
CVE-2021-21598	Dell Wyse ThinOS (9.x), versions 9.0, 9.1, and 9.1 MR1, contain a Sensitive Information Disclosure Vulnerability. An authenticated attacker with physical access to the system may exploit this vulnerability to read sensitive Smartcard data in log files.	3.9	CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Proprietary Code CVEs	Description	CVSS Base Score	CVSS Vector String
CVE-2021-21597	Dell Wyse ThinOS (9.x), version 9.0, contains a Sensitive Information Disclosure Vulnerability. An authenticated malicious user with physical access to the system may exploit this vulnerability to read sensitive information written to the log files.	7.2	CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
CVE-2021-21598	Dell Wyse ThinOS (9.x), versions 9.0, 9.1, and 9.1 MR1, contain a Sensitive Information Disclosure Vulnerability. An authenticated attacker with physical access to the system may exploit this vulnerability to read sensitive Smartcard data in log files.	3.9	CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Dell Technologies는 모든 고객이 CVSS 기본 점수와 관련 임시 및 환경 점수를 모두 고려할 것을 권장합니다. 이 경우 특정 보안 취약성과 관련된 잠재적인 심각도에 영향을 미칠 수 있습니다.

Product	Affected Versions	Updated versions	Link to update
Dell Wyse 3040 Thin Client	9.0, 9.1	9.1 MR3	Dell Wyse 3040 Thin Client
Dell Wyse 3040 Thin Client with PCoIP	9.0, 9.1	9.1 MR3	Dell Wyse 3040 Thin Client with PCoIP
Dell Wyse 5070 Thin Client	9.0, 9.1	9.1 MR3	Dell Wyse 5070 Thin Client
Dell Wyse 5470 Thin Client	9.0, 9.1	9.1 MR3	Dell Wyse 5470 Thin Client
Dell Wyse 5470 All-in-One Thin Client	9.0, 9.1	9.1 MR3	Dell Wyse 5470 All-in-One Thin Client
Dell Wyse 5070 Thin Client with PCoIP	9.0, 9.1	9.1 MR3	Dell Wyse 5070 Thin Client with PCoIP
Dell Wyse 5470 Thin Client with PCoIP	9.0, 9.1	9.1 MR3	Dell Wyse 5470 Thin Client with PCoIP
Dell Wyse 5470 All-in-One Thin Client with PCoIP	9.0, 9.1	9.1 MR3	Dell Wyse 5470 All-in-One Thin Client with PCoIP

Product	Affected Versions	Updated versions	Link to update
Dell Wyse 3040 Thin Client	9.0, 9.1	9.1 MR3	Dell Wyse 3040 Thin Client
Dell Wyse 3040 Thin Client with PCoIP	9.0, 9.1	9.1 MR3	Dell Wyse 3040 Thin Client with PCoIP
Dell Wyse 5070 Thin Client	9.0, 9.1	9.1 MR3	Dell Wyse 5070 Thin Client
Dell Wyse 5470 Thin Client	9.0, 9.1	9.1 MR3	Dell Wyse 5470 Thin Client
Dell Wyse 5470 All-in-One Thin Client	9.0, 9.1	9.1 MR3	Dell Wyse 5470 All-in-One Thin Client
Dell Wyse 5070 Thin Client with PCoIP	9.0, 9.1	9.1 MR3	Dell Wyse 5070 Thin Client with PCoIP
Dell Wyse 5470 Thin Client with PCoIP	9.0, 9.1	9.1 MR3	Dell Wyse 5470 Thin Client with PCoIP
Dell Wyse 5470 All-in-One Thin Client with PCoIP	9.0, 9.1	9.1 MR3	Dell Wyse 5470 All-in-One Thin Client with PCoIP

Revision	Date	Description
1.0	2021-07-21	Initial Release

Product Security Information, Dell ThinOS

문서 번호: 000189543

문서 유형: Dell Security Advisory

마지막 수정 시간: 18 9월 2025

디바이스에 지원 서비스가 적용되는지 확인하십시오.