DSA-2022-030: Dell Wyse Management Suite Security Update for Multiple Vulnerabilities
摘要: Dell Wyse Management Suite (WMS) contains remediation for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system.
本文章適用於
本文章不適用於
本文無關於任何特定產品。
本文未識別所有產品版本。
影響
High
詳細資料
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
| CVE-2022-23155 | Dell Wyse Management Suite versions 2.0 through 3.5.2 contain an unrestricted file upload vulnerability. A malicious user with admin privileges may potentially exploit this vulnerability in order to execute arbitrary code on the system. | 7.2 | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
| Third-party Component | CVEs | More information |
| Apache Log4j | CVE-2021-44832 | See NVD (http://nvd.nist.gov/) for individual scores for each CVE |
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
| CVE-2022-23155 | Dell Wyse Management Suite versions 2.0 through 3.5.2 contain an unrestricted file upload vulnerability. A malicious user with admin privileges may potentially exploit this vulnerability in order to execute arbitrary code on the system. | 7.2 | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
| Third-party Component | CVEs | More information |
| Apache Log4j | CVE-2021-44832 | See NVD (http://nvd.nist.gov/) for individual scores for each CVE |
受影響的產品與補救措施
| Product | Affected Versions | Updated Versions | Link to Update |
| Dell Wyse Management Suite | 2.0 to 3.5.2 | 3.6 | Dell Wyse Management Suite |
| Product | Affected Versions | Updated Versions | Link to Update |
| Dell Wyse Management Suite | 2.0 to 3.5.2 | 3.6 | Dell Wyse Management Suite |
修訂歷史記錄
| Revision | Date | Description |
| 1.0 | 2022-02-17 | Initial Release |
感謝
CVE-2022-23155: Dell Technologies would like to thank bugbounty2k20 for reporting this issue.
相關資訊
法律免責聲明
受影響的產品
Product Security Information, Wyse Management Suite文章屬性
文章編號: 000195918
文章類型: Dell Security Advisory
上次修改時間: 17 2月 2022
向其他 Dell 使用者尋求您問題的答案
支援服務
檢查您的裝置是否在支援服務的涵蓋範圍內。