Article Number: 000196005
Medium
Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
CVE-2022-23156 | Wyse Device Agent version 14.6.1.4 and below contains an Improper Authentication vulnerability. A malicious user may potentially exploit this vulnerability by providing invalid input to obtain a connection to WMS server. | 6.0 | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N |
CVE-2022-23158 | Wyse Device Agent version 14.6.1.4 and below contain a sensitive data exposure vulnerability. A local authenticated user with admin privilege may potentially exploit this vulnerability and provide incorrect port information and get connected to valid WMS server | 6.0 | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N |
CVE-2022-23157 | Wyse Device Agent version 14.6.1.4 and below contain a sensitive data exposure vulnerability. An authenticated malicious user may potentially exploit this vulnerability to view sensitive information from the WMS Server | 4.4 | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N |
Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
CVE-2022-23156 | Wyse Device Agent version 14.6.1.4 and below contains an Improper Authentication vulnerability. A malicious user may potentially exploit this vulnerability by providing invalid input to obtain a connection to WMS server. | 6.0 | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N |
CVE-2022-23158 | Wyse Device Agent version 14.6.1.4 and below contain a sensitive data exposure vulnerability. A local authenticated user with admin privilege may potentially exploit this vulnerability and provide incorrect port information and get connected to valid WMS server | 6.0 | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N |
CVE-2022-23157 | Wyse Device Agent version 14.6.1.4 and below contain a sensitive data exposure vulnerability. An authenticated malicious user may potentially exploit this vulnerability to view sensitive information from the WMS Server | 4.4 | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N |
Product | Affected Versions | Updated Versions | Link to Update |
Dell Wyse Device Agent | 14.6.1.4 and earlier | 14.6.2.13 | Dell Wyse Device Agent |
Product | Affected Versions | Updated Versions | Link to Update |
Dell Wyse Device Agent | 14.6.1.4 and earlier | 14.6.2.13 | Dell Wyse Device Agent |
Revision | Date | Description |
1.0 | 2022-2-17 | Initial Release |
Product Security Information, Wyse Management Suite
17 Feb 2022
1
Dell Security Advisory