CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2024-49596
https://notcve.org/view.php?id=CVE-2024-49596
Dell Wyse Management Suite, version WMS 4.4 and prior, contain a Missing Authorization vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service and arbitrary file deletion Dell Wyse Management Suite, versión WMS 4.4 y anteriores, contiene una vulnerabilidad de falta de autorización. Un atacante con privilegios elevados y acceso remoto podría aprovechar esta vulnerabilidad, lo que provocaría una denegación de servicio y la eliminación arbitraria de archivos. • https://www.dell.com/support/kbdoc/en-us/000244453/dsa-2024-440 • CWE-862: Missing Authorization •
CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-49597
https://notcve.org/view.php?id=CVE-2024-49597
Dell Wyse Management Suite, versions WMS 4.4 and prior, contain an Improper Restriction of Excessive Authentication Attempts vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Protection mechanism bypass. Dell Wyse Management Suite, versiones WMS 4.4 y anteriores, contiene una vulnerabilidad de restricción inadecuada de intentos excesivos de autenticación. Un atacante con privilegios elevados y acceso remoto podría aprovechar esta vulnerabilidad, lo que provocaría la omisión del mecanismo de protección. • https://www.dell.com/support/kbdoc/en-us/000244453/dsa-2024-440 • CWE-307: Improper Restriction of Excessive Authentication Attempts •
CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-49595
https://notcve.org/view.php?id=CVE-2024-49595
Dell Wyse Management Suite, version WMS 4.4 and before, contain an Authentication Bypass by Capture-replay vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service. Dell Wyse Management Suite, versión WMS 4.4 y anteriores, contiene una vulnerabilidad de omisión de autenticación mediante captura y reproducción. Un atacante con privilegios elevados y acceso remoto podría aprovechar esta vulnerabilidad, lo que provocaría una denegación de servicio. • https://www.dell.com/support/kbdoc/en-us/000244453/dsa-2024-440 • CWE-294: Authentication Bypass by Capture-replay •
CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-32483
https://notcve.org/view.php?id=CVE-2023-32483
Wyse Management Suite versions prior to 4.0 contain a sensitive information disclosure vulnerability. An authenticated malicious user having local access to the system running the application could exploit this vulnerability to read sensitive information written to log files. • https://www.dell.com/support/kbdoc/en-us/000215351/dsa-2023-240-dell-wyse-management-suite • CWE-312: Cleartext Storage of Sensitive Information •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2023-32482
https://notcve.org/view.php?id=CVE-2023-32482
Wyse Management Suite versions prior to 4.0 contain an improper authorization vulnerability. An authenticated malicious user with privileged access can push policies to unauthorized tenant group. • https://www.dell.com/support/kbdoc/en-us/000215351/dsa-2023-240-dell-wyse-management-suite • CWE-285: Improper Authorization CWE-863: Incorrect Authorization •