Article Number: 000189363
High
Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String | |
CVE-2021-21586 | Dell Wyse Management Suite versions 3.2 and earlier contain an absolute path traversal vulnerability. A remote authenticated malicious user may exploit this vulnerability in order to read arbitrary files on the system. | 8.1 |
|
|
CVE-2021-21587 | Dell Wyse Management Suite versions 3.2 and earlier contain a full path disclosure vulnerability. A local unauthenticated attacker may exploit this vulnerability in order to obtain the path of files and folders. | 5.3 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String | |
CVE-2021-21586 | Dell Wyse Management Suite versions 3.2 and earlier contain an absolute path traversal vulnerability. A remote authenticated malicious user may exploit this vulnerability in order to read arbitrary files on the system. | 8.1 |
|
|
CVE-2021-21587 | Dell Wyse Management Suite versions 3.2 and earlier contain a full path disclosure vulnerability. A local unauthenticated attacker may exploit this vulnerability in order to obtain the path of files and folders. | 5.3 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
Product | Affected Versions | Updated Version | Link to Update |
Dell Wyse Management Suite | Versions before version 3.3 | 3.3 | Dell Wyse Management Suite 3.3 |
Product | Affected Versions | Updated Version | Link to Update |
Dell Wyse Management Suite | Versions before version 3.3 | 3.3 | Dell Wyse Management Suite 3.3 |
Dell Technologies would like to thank Stephen Tomkinson and David Cash of NCC Group for reporting this issue.
Product Security Information, Wyse Management Suite
06 July 2021
1
Dell Security Advisory