Wyse Management Suite Security Vulnerabilities and Issues — Wyse Management Suite CVE List

Lucene search

DellWyse Management Suite

10 matches found

CVE•added 2022/06/24 5:15 p.m.•709 views

CVE-2022-29097

Dell WMS 3.6.1 and below contains a Path Traversal vulnerability in Device API. A remote attacker could potentially exploit this vulnerability, to gain unauthorized read access to the files stored on the server filesystem, with the privileges of the running web application.

4.9CVSS5.1AI score0.00312EPSS

CVE•added 2023/07/20 12:15 p.m.•162 views

CVE-2023-32483

Wyse Management Suite versions prior to 4.0 contain a sensitive information disclosure vulnerability. An authenticated malicious user having local access to the system running the application could exploit this vulnerability to read sensitive information written to log files.

4.4CVSS4.1AI score0.00022EPSS

CVE•added 2023/07/20 12:15 p.m.•95 views

CVE-2023-32482

Wyse Management Suite versions prior to 4.0 contain an improper authorization vulnerability. An authenticated malicious user with privileged access can push policies to unauthorized tenant group.

4.9CVSS4.9AI score0.00077EPSS

CVE•added 2021/04/02 10:15 p.m.•76 views

CVE-2021-21533

Wyse Management Suite versions up to 3.2 contains a vulnerability wherein a malicious authenticated user can cause a denial of service in the job status retrieval page, also affecting other users that would have normally access to the same subset of job details

4.3CVSS4.4AI score0.00228EPSS

CVE•added 2025/04/02 1:15 a.m.•51 views

CVE-2025-27693

Dell Wyse Management Suite, versions prior to WMS 5.1, contains an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Script injection.

4.9CVSS7.2AI score0.0004EPSS

CVE•added 2023/02/11 1:23 a.m.•46 views

CVE-2022-46678

Wyse Management Suite 3.8 and below contain an improper access control vulnerability. A authenticated malicious admin user can edit general client policy for which the user is not authorized.

4.9CVSS5.1AI score0.00097EPSS

CVE•added 2023/02/11 1:23 a.m.•46 views

CVE-2022-46755

Wyse Management Suite 3.8 and below contain an improper access control vulnerability. A authenticated malicious admin user can edit general client policy for which the user is not authorized.

4.9CVSS5.1AI score0.00097EPSS

CVE•added 2021/01/04 10:15 p.m.•44 views

CVE-2020-29496

Dell Wyse Management Suite versions prior to 3.1 contain a stored cross-site scripting vulnerability. A remote authenticated malicious user with high privileges could exploit this vulnerability to store malicious HTML or JavaScript code while creating the Enduser. When victim users access the submi...

4.8CVSS4.8AI score0.00174EPSS

CVE•added 2025/05/08 7:16 p.m.•38 views

CVE-2025-27695

Dell Wyse Management Suite, versions prior to WMS 5.1 contain an Authentication Bypass by Spoofing vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Information Disclosure.

4.9CVSS4.9AI score0.00073EPSS

CVE•added 2023/02/11 1:23 a.m.•37 views

CVE-2022-46676

Wyse Management Suite 3.8 and below contain an improper access control vulnerability. A malicious admin user can disable or delete users under administration and unassigned admins for which the group admin is not authorized.

4.9CVSS5.2AI score0.00096EPSS