Lucene search

K

9 matches found

CVE
CVE
added 2023/07/20 12:15 p.m.162 views

CVE-2023-32483

Wyse Management Suite versions prior to 4.0 contain a sensitive information disclosure vulnerability. An authenticated malicious user having local access to the system running the application could exploit this vulnerability to read sensitive information written to log files.

4.4CVSS4.1AI score0.00022EPSS
CVE
CVE
added 2023/07/20 12:15 p.m.158 views

CVE-2023-32481

Wyse Management Suite versions prior to 4.0 contain a denial-of-service vulnerability. An authenticated malicious user can flood the configured SMTP server with numerous requests in order to deny access to the system.

6.5CVSS6.2AI score0.00129EPSS
CVE
CVE
added 2023/07/20 12:15 p.m.95 views

CVE-2023-32482

Wyse Management Suite versions prior to 4.0 contain an improper authorization vulnerability. An authenticated malicious user with privileged access can push policies to unauthorized tenant group.

4.9CVSS4.9AI score0.00077EPSS
CVE
CVE
added 2023/02/11 1:23 a.m.46 views

CVE-2022-46678

Wyse Management Suite 3.8 and below contain an improper access control vulnerability. A authenticated malicious admin user can edit general client policy for which the user is not authorized.

4.9CVSS5.1AI score0.00097EPSS
CVE
CVE
added 2023/02/11 1:23 a.m.46 views

CVE-2022-46755

Wyse Management Suite 3.8 and below contain an improper access control vulnerability. A authenticated malicious admin user can edit general client policy for which the user is not authorized.

4.9CVSS5.1AI score0.00097EPSS
CVE
CVE
added 2023/02/11 1:23 a.m.43 views

CVE-2022-46677

Wyse Management Suite 3.8 and below contain an improper access control vulnerability with which an custom group admin can create a subgroup under a group for which the admin is not authorized.

6.8CVSS5.2AI score0.00096EPSS
CVE
CVE
added 2023/02/11 1:23 a.m.42 views

CVE-2022-46675

Wyse Management Suite Repository 3.8 and below contain an information disclosure vulnerability. A unauthenticated attacker could potentially discover the internal structure of the application and its components and use this information for further vulnerability research.

5.3CVSS5.2AI score0.00277EPSS
CVE
CVE
added 2023/02/11 1:23 a.m.42 views

CVE-2022-46754

Wyse Management Suite 3.8 and below contain an improper access control vulnerability. A authenticated malicious admin user might access certain pro license features for which this admin is not authorized in order to configure user controlled external entities.

8.7CVSS6.4AI score0.00129EPSS
CVE
CVE
added 2023/02/11 1:23 a.m.37 views

CVE-2022-46676

Wyse Management Suite 3.8 and below contain an improper access control vulnerability. A malicious admin user can disable or delete users under administration and unassigned admins for which the group admin is not authorized.

4.9CVSS5.2AI score0.00096EPSS