Lucene search

[email protected]NVD:CVE-2022-33931

HistoryAug 10, 2022 - 5:15 p.m.

CVE-2022-33931

2022-08-1017:15:09

CWE-284

[email protected]

web.nvd.nist.gov

dell wyse management suite

vulnerability

ui access control

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

EPSS

0.001

Percentile

31.3%

JSON

Dell Wyse Management Suite 3.6.1 and below contains an Improper Access control vulnerability in UI. An attacker with no access to Alert Classification page could potentially exploit this vulnerability, leading to the change the alert categories.

Affected configurations

Nvd

Node

dellwyse_management_suiteRange<3.8.0

VendorProductVersionCPE
dellwyse_management_suite*cpe:2.3:a:dell:wyse_management_suite:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
dell	wyse_management_suite	*	cpe:2.3:a:dell:wyse_management_suite::::::::

References

www.dell.com/support/kbdoc/en-us/000201383/dsa-2022-134-dell-wyse-management-suite-security-update-for-multiple-vulnerabilities

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

EPSS

0.001

Percentile

31.3%

JSON

Related for NVD:CVE-2022-33931

cnvd1 prion1 cvelist1 cve1 nessus1