DSA-2026-103: Security Update for Dell Wyse Management Suite (WMS) for Multiple Vulnerabilities
概要: Dell Wyse Management Suite (WMS) remediation is available for multiple vulnerabilities that may be exploited by malicious users to compromise the affected system.
この記事は次に適用されます:
この記事は次には適用されません:
この記事は、特定の製品に関連付けられていません。
すべての製品パージョンがこの記事に記載されているわけではありません。
影響
High
詳細
|
Proprietary Code CVEs |
Description |
CVSS Base Score |
CVSS Vector String |
|
CVE-2026-22765 |
Dell Wyse Management Suite, versions prior to WMS 5.5, contain a Missing Authorization vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of Privileges. |
8.8 |
|
|
CVE-2026-22766 |
Dell Wyse Management Suite, versions prior to WMS 5.5, contain an Unrestricted Upload of File with Dangerous Type vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Remote execution. |
7.2 |
|
|
CVE-2026-23858 |
Dell Wyse Management Suite, versions prior to WMS 5.5, contain an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Script Injection. |
5.4 |
|
|
CVE-2026-23859 |
Dell Wyse Management Suite, versions prior to WMS 5.5, contain a Client-Side Enforcement of Server-Side Security vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability to Protection mechanism bypass. |
2.7 |
|
Proprietary Code CVEs |
Description |
CVSS Base Score |
CVSS Vector String |
|
CVE-2026-22765 |
Dell Wyse Management Suite, versions prior to WMS 5.5, contain a Missing Authorization vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of Privileges. |
8.8 |
|
|
CVE-2026-22766 |
Dell Wyse Management Suite, versions prior to WMS 5.5, contain an Unrestricted Upload of File with Dangerous Type vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Remote execution. |
7.2 |
|
|
CVE-2026-23858 |
Dell Wyse Management Suite, versions prior to WMS 5.5, contain an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Script Injection. |
5.4 |
|
|
CVE-2026-23859 |
Dell Wyse Management Suite, versions prior to WMS 5.5, contain a Client-Side Enforcement of Server-Side Security vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability to Protection mechanism bypass. |
2.7 |
影響を受ける製品と修復
|
Product |
Affected Versions |
Remediated Versions |
Release Date |
Link |
|
Dell Wyse Management Suite |
Versions prior to 5.5 |
Version 5.5 or later |
02/23/2026 |
|
Product |
Affected Versions |
Remediated Versions |
Release Date |
Link |
|
Dell Wyse Management Suite |
Versions prior to 5.5 |
Version 5.5 or later |
02/23/2026 |
変更履歴
|
Revision |
Date |
Description |
|
1.0 |
2026-02-24 |
Initial Release |
|
2.0 |
2026-03-20 |
Updated advisory with no change to technical content |
関連情報
法的免責事項
対象製品
Wyse Management Suite文書のプロパティ
文書番号: 000429141
文書の種類: Dell Security Advisory
最終更新: 20 3月 2026
質問に対する他のDellユーザーからの回答を見つける
サポート サービス
お使いのデバイスがサポート サービスの対象かどうかを確認してください。