Article Number: 000195918
High
Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
CVE-2022-23155 | Dell Wyse Management Suite versions 2.0 through 3.5.2 contain an unrestricted file upload vulnerability. A malicious user with admin privileges may potentially exploit this vulnerability in order to execute arbitrary code on the system. | 7.2 | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
Third-party Component | CVEs | More information |
Apache Log4j | CVE-2021-44832 | See NVD (http://nvd.nist.gov/) for individual scores for each CVE |
Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
CVE-2022-23155 | Dell Wyse Management Suite versions 2.0 through 3.5.2 contain an unrestricted file upload vulnerability. A malicious user with admin privileges may potentially exploit this vulnerability in order to execute arbitrary code on the system. | 7.2 | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
Third-party Component | CVEs | More information |
Apache Log4j | CVE-2021-44832 | See NVD (http://nvd.nist.gov/) for individual scores for each CVE |
Product | Affected Versions | Updated Versions | Link to Update |
Dell Wyse Management Suite | 2.0 to 3.5.2 | 3.6 | Dell Wyse Management Suite |
Product | Affected Versions | Updated Versions | Link to Update |
Dell Wyse Management Suite | 2.0 to 3.5.2 | 3.6 | Dell Wyse Management Suite |
CVE-2022-23155: Dell Technologies would like to thank bugbounty2k20 for reporting this issue.
Revision | Date | Description |
1.0 | 2022-02-17 | Initial Release |
Product Security Information, Wyse Management Suite
17 Feb 2022
1
Dell Security Advisory