DSA-2021-069: Dell Wyse ThinOS 8.6 Security Update for an Improper Management Server Validation Vulnerability
Summary: Dell Wyse ThinOS 8.6 MR9 contains remediation for an improper management server validation vulnerability that may potentially be exploited to redirect a client to an attacker-controlled management server, thus allowing the attacker to change the device configuration or certificate file. ...
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Impact
Medium
Details
| Proprietary Code CVE(s) | Description | CVSS Base Score | CVSS Vector String |
| CVE-2021-21532 | Dell Wyse ThinOS 8.6 MR9 contains remediation for an improper management server validation vulnerability that could be potentially exploited to redirect a client to an attacker-controlled management server, thus allowing the attacker to change the device configuration or certificate file. | 5.6 | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L |
| Proprietary Code CVE(s) | Description | CVSS Base Score | CVSS Vector String |
| CVE-2021-21532 | Dell Wyse ThinOS 8.6 MR9 contains remediation for an improper management server validation vulnerability that could be potentially exploited to redirect a client to an attacker-controlled management server, thus allowing the attacker to change the device configuration or certificate file. | 5.6 | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L |
Affected Products & Remediation
The following is a list of impacted products and remediations. Customers should use the latest releases available which use secure default configurations.
| Product | Affected Version(s) | Updated Version(s) | Link to Update | |
| Dell Wyse 3040 Thin Client (ENG) | Versions prior to 8.6 MR9 | 8.6 MR9 | Dell Wyse 3040 Thin Client (ENG) | |
| Dell Wyse 3040 Thin Client (JPN) | Versions prior to 8.6 MR9 |
8.6 MR9 | Dell Wyse 3040 Thin Client (JPN) | |
| Dell Wyse 3040 Thin Client with PCoIP (ENG) | Versions prior to 8.6 MR9 |
8.6 MR9 | Dell Wyse 3040 Thin Client with PCoIP (ENG) | |
| Dell Wyse 3040 Thin Client with PCoIP (JPN) | Versions prior to 8.6 MR9 |
8.6 MR9 | Dell Wyse 3040 Thin Client with PCoIP (JPN) | |
| Dell Wyse 5010 Thin Client (ENG) | Versions prior to 8.6 MR9 | 8.6 MR9 | Dell Wyse 5010 Thin Client (ENG) | |
| Dell Wyse 5010 Thin Client (JPN) | Versions prior to 8.6 MR9 | 8.6 MR9 | Dell Wyse 5010 Thin Client (JPN) | |
| Dell Wyse 5010 Thin Client with PCoIP (ENG) | Versions prior to 8.6 MR9 |
8.6 MR9 | Dell Wyse 5010 Thin Client with PCoIP (ENG) | |
| Dell Wyse 5010 Thin Client with PCoIP (JPN) | Versions prior to 8.6 MR9 |
8.6 MR9 | Dell Wyse 5010 Thin Client with PCoIP (JPN) | |
| Dell Wyse 5040 Thin Client (ENG) | Versions prior to 8.6 MR9 | 8.6 MR9 | Dell Wyse 5040 Thin Client (ENG) | |
| Dell Wyse 5040 Thin Client (JPN) | Versions prior to 8.6 MR9 | 8.6 MR9 | Dell Wyse 5040 Thin Client (JPN) | |
| Dell Wyse 5040 Thin Client with PCoIP (ENG) | Versions prior to 8.6 MR9 |
8.6 MR9 | Dell Wyse 5040 Thin Client with PCoIP (ENG) | |
| Dell Wyse 5040 Thin Client with PCoIP (JPN) | Versions prior to 8.6 MR9 |
8.6 MR9 | Dell Wyse 5040 Thin Client with PCoIP (JPN) | |
| Dell Wyse 5060 Thin Client (ENG) | Versions prior to 8.6 MR9 |
8.6 MR9 | Dell Wyse 5060 Thin Client (ENG) | |
| Dell Wyse 5060 Thin Client (JPN) | Versions prior to 8.6 MR9 | 8.6 MR9 | Dell Wyse 5060 Thin Client (JPN) | |
| Dell Wyse 5060 Thin Client with PCoIP (ENG) | Versions prior to 8.6 MR9 |
8.6 MR9 | Dell Wyse 5060 Thin Client with PCoIP (ENG) | |
| Dell Wyse 5060 Thin Client with PCoIP (JPN) | Versions prior to 8.6 MR9 |
8.6 MR9 | Dell Wyse 5060 Thin Client with PCoIP (JPN) | |
| Dell Wyse 5070 Thin Client (ENG) | Versions prior to 8.6 MR9 | 8.6 MR9 | Dell Wyse 5070 Thin Client (ENG) | |
| Dell Wyse 5070 Thin Client (JPN) | Versions prior to 8.6 MR9 | 8.6 MR9 | Dell Wyse 5070 Thin Client (JPN) | |
| Dell Wyse 5070 Thin Client with PCoIP (ENG) | Versions prior to 8.6 MR9 |
8.6 MR9 | Dell Wyse 5070 Thin Client with PCoIP (ENG) | |
| Dell Wyse 5070 Thin Client with PCoIP (JPN) | Versions prior to 8.6 MR9 |
8.6 MR9 | Dell Wyse 5070 Thin Client with PCoIP (JPN) | |
| Dell Wyse 5470 AIO Thin Client (ENG) | Versions prior to 8.6 MR9 |
8.6 MR9 | Dell Wyse 5470 AIO Thin Client (ENG) | |
| Dell Wyse 5470 AIO Thin Client (JPN) | Versions prior to 8.6 MR9 |
8.6 MR9 | Dell Wyse 5470 AIO Thin Client (JPN) | |
| Dell Wyse 5470 AIO Thin Client with PCoIP (ENG) | Versions prior to 8.6 MR9 |
8.6 MR9 | Dell Wyse 5470 AIO Thin Client with PCoIP (EN) | |
| Dell Wyse 5470 AIO Thin Client with PCoIP (JPN) | Versions prior to 8.6 MR9 |
8.6 MR9 | Dell Wyse 5470 AIO Thin Client with PCoIP (JPN) | |
| Dell Wyse 5470 Thin Client (ENG) | Versions prior to 8.6 MR9 | 8.6 MR9 | Dell Wyse 5470 Thin Client (ENG) | |
| Dell Wyse 5470 Thin Client (JPN) | Versions prior to 8.6 MR9 | 8.6 MR9 | Dell Wyse 5470 Thin Client (JPN) | |
| Dell Wyse 5470 Thin Client with PCoIP (ENG) | Versions prior to 8.6 MR9 | 8.6 MR9 | Dell Wyse 5470 Thin Client with PCoIP (ENG) | |
| Dell Wyse 5470 Thin Client with PCoIP (JPN) | Versions prior to 8.6 MR9 |
8.6 MR9 | Dell Wyse 5470 Thin Client with PCoIP (JPN) | |
| Dell Wyse 7010 Thin Client (EN) | Versions prior to 8.6 MR9 | 8.6 MR9 | Dell Wyse 7010 Thin Client (ENG) | |
| Dell Wyse 7010 thin client (JPN) | Versions prior to 8.6 MR9 | 8.6 MR9 | Dell Wyse 7010 thin client (JPN) |
The following is a list of impacted products and remediations. Customers should use the latest releases available which use secure default configurations.
| Product | Affected Version(s) | Updated Version(s) | Link to Update | |
| Dell Wyse 3040 Thin Client (ENG) | Versions prior to 8.6 MR9 | 8.6 MR9 | Dell Wyse 3040 Thin Client (ENG) | |
| Dell Wyse 3040 Thin Client (JPN) | Versions prior to 8.6 MR9 |
8.6 MR9 | Dell Wyse 3040 Thin Client (JPN) | |
| Dell Wyse 3040 Thin Client with PCoIP (ENG) | Versions prior to 8.6 MR9 |
8.6 MR9 | Dell Wyse 3040 Thin Client with PCoIP (ENG) | |
| Dell Wyse 3040 Thin Client with PCoIP (JPN) | Versions prior to 8.6 MR9 |
8.6 MR9 | Dell Wyse 3040 Thin Client with PCoIP (JPN) | |
| Dell Wyse 5010 Thin Client (ENG) | Versions prior to 8.6 MR9 | 8.6 MR9 | Dell Wyse 5010 Thin Client (ENG) | |
| Dell Wyse 5010 Thin Client (JPN) | Versions prior to 8.6 MR9 | 8.6 MR9 | Dell Wyse 5010 Thin Client (JPN) | |
| Dell Wyse 5010 Thin Client with PCoIP (ENG) | Versions prior to 8.6 MR9 |
8.6 MR9 | Dell Wyse 5010 Thin Client with PCoIP (ENG) | |
| Dell Wyse 5010 Thin Client with PCoIP (JPN) | Versions prior to 8.6 MR9 |
8.6 MR9 | Dell Wyse 5010 Thin Client with PCoIP (JPN) | |
| Dell Wyse 5040 Thin Client (ENG) | Versions prior to 8.6 MR9 | 8.6 MR9 | Dell Wyse 5040 Thin Client (ENG) | |
| Dell Wyse 5040 Thin Client (JPN) | Versions prior to 8.6 MR9 | 8.6 MR9 | Dell Wyse 5040 Thin Client (JPN) | |
| Dell Wyse 5040 Thin Client with PCoIP (ENG) | Versions prior to 8.6 MR9 |
8.6 MR9 | Dell Wyse 5040 Thin Client with PCoIP (ENG) | |
| Dell Wyse 5040 Thin Client with PCoIP (JPN) | Versions prior to 8.6 MR9 |
8.6 MR9 | Dell Wyse 5040 Thin Client with PCoIP (JPN) | |
| Dell Wyse 5060 Thin Client (ENG) | Versions prior to 8.6 MR9 |
8.6 MR9 | Dell Wyse 5060 Thin Client (ENG) | |
| Dell Wyse 5060 Thin Client (JPN) | Versions prior to 8.6 MR9 | 8.6 MR9 | Dell Wyse 5060 Thin Client (JPN) | |
| Dell Wyse 5060 Thin Client with PCoIP (ENG) | Versions prior to 8.6 MR9 |
8.6 MR9 | Dell Wyse 5060 Thin Client with PCoIP (ENG) | |
| Dell Wyse 5060 Thin Client with PCoIP (JPN) | Versions prior to 8.6 MR9 |
8.6 MR9 | Dell Wyse 5060 Thin Client with PCoIP (JPN) | |
| Dell Wyse 5070 Thin Client (ENG) | Versions prior to 8.6 MR9 | 8.6 MR9 | Dell Wyse 5070 Thin Client (ENG) | |
| Dell Wyse 5070 Thin Client (JPN) | Versions prior to 8.6 MR9 | 8.6 MR9 | Dell Wyse 5070 Thin Client (JPN) | |
| Dell Wyse 5070 Thin Client with PCoIP (ENG) | Versions prior to 8.6 MR9 |
8.6 MR9 | Dell Wyse 5070 Thin Client with PCoIP (ENG) | |
| Dell Wyse 5070 Thin Client with PCoIP (JPN) | Versions prior to 8.6 MR9 |
8.6 MR9 | Dell Wyse 5070 Thin Client with PCoIP (JPN) | |
| Dell Wyse 5470 AIO Thin Client (ENG) | Versions prior to 8.6 MR9 |
8.6 MR9 | Dell Wyse 5470 AIO Thin Client (ENG) | |
| Dell Wyse 5470 AIO Thin Client (JPN) | Versions prior to 8.6 MR9 |
8.6 MR9 | Dell Wyse 5470 AIO Thin Client (JPN) | |
| Dell Wyse 5470 AIO Thin Client with PCoIP (ENG) | Versions prior to 8.6 MR9 |
8.6 MR9 | Dell Wyse 5470 AIO Thin Client with PCoIP (EN) | |
| Dell Wyse 5470 AIO Thin Client with PCoIP (JPN) | Versions prior to 8.6 MR9 |
8.6 MR9 | Dell Wyse 5470 AIO Thin Client with PCoIP (JPN) | |
| Dell Wyse 5470 Thin Client (ENG) | Versions prior to 8.6 MR9 | 8.6 MR9 | Dell Wyse 5470 Thin Client (ENG) | |
| Dell Wyse 5470 Thin Client (JPN) | Versions prior to 8.6 MR9 | 8.6 MR9 | Dell Wyse 5470 Thin Client (JPN) | |
| Dell Wyse 5470 Thin Client with PCoIP (ENG) | Versions prior to 8.6 MR9 | 8.6 MR9 | Dell Wyse 5470 Thin Client with PCoIP (ENG) | |
| Dell Wyse 5470 Thin Client with PCoIP (JPN) | Versions prior to 8.6 MR9 |
8.6 MR9 | Dell Wyse 5470 Thin Client with PCoIP (JPN) | |
| Dell Wyse 7010 Thin Client (EN) | Versions prior to 8.6 MR9 | 8.6 MR9 | Dell Wyse 7010 Thin Client (ENG) | |
| Dell Wyse 7010 thin client (JPN) | Versions prior to 8.6 MR9 | 8.6 MR9 | Dell Wyse 7010 thin client (JPN) |
Revision History
| Revision | Date | Description |
| 1.0 | 2021-3-31 | Initial Release |
Acknowledgements
Dell would like to thank Emanuel Rodrigues for reporting this issue.
Related Information
Legal Disclaimer
Affected Products
Dell ThinOSProducts
Product Security InformationArticle Properties
Article Number: 000184665
Article Type: Dell Security Advisory
Last Modified: 18 Sep 2025
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.