Wyse Management Suite Security Vulnerabilities - CVSS Score 5 - 6

CVE-2020-29497

Dell Wyse Management Suite versions prior to 3.1 contain a stored cross-site scripting vulnerability. A remote authenticated malicious user with low privileges could exploit this vulnerability to store malicious HTML or JavaScript code under the device tag. When victim users access the submitted da...

CVE-2021-21587

Dell Wyse Management Suite versions 3.2 and earlier contain a full path disclosure vulnerability. A local unauthenticated attacker could exploit this vulnerability in order to obtain the path of files and folders.

CVE-2022-33924

Dell Wyse Management Suite 3.6.1 and below contains an Improper Access control vulnerability with which an attacker with no access to create rules could potentially exploit this vulnerability and create rules.

CVE-2022-46675

Wyse Management Suite Repository 3.8 and below contain an information disclosure vulnerability. A unauthenticated attacker could potentially discover the internal structure of the application and its components and use this information for further vulnerability research.