CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-29981
https://notcve.org/view.php?id=CVE-2025-29981
02 Apr 2025 — Dell Wyse Management Suite, versions prior to WMS 5.1, contains an Exposure of Sensitive Information Through Data Queries vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure. • https://www.dell.com/support/kbdoc/en-us/000296515/dsa-2025-135 • CWE-202: Exposure of Sensitive Information Through Data Queries •
CVSS: 6.2EPSS: 0%CPEs: 2EXPL: 0CVE-2024-49596
https://notcve.org/view.php?id=CVE-2024-49596
26 Nov 2024 — Dell Wyse Management Suite, version WMS 4.4 and prior, contain a Missing Authorization vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service and arbitrary file deletion Dell Wyse Management Suite, versión WMS 4.4 y anteriores, contiene una vulnerabilidad de falta de autorización. Un atacante con privilegios elevados y acceso remoto podría aprovechar esta vulnerabilidad, lo que provocaría una denegación de servicio y la elimina... • https://www.dell.com/support/kbdoc/en-us/000244453/dsa-2024-440 • CWE-862: Missing Authorization •
CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-49597
https://notcve.org/view.php?id=CVE-2024-49597
26 Nov 2024 — Dell Wyse Management Suite, versions WMS 4.4 and prior, contain an Improper Restriction of Excessive Authentication Attempts vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Protection mechanism bypass. Dell Wyse Management Suite, versiones WMS 4.4 y anteriores, contiene una vulnerabilidad de restricción inadecuada de intentos excesivos de autenticación. Un atacante con privilegios elevados y acceso remoto podría aprovechar esta vulnerabil... • https://www.dell.com/support/kbdoc/en-us/000244453/dsa-2024-440 • CWE-307: Improper Restriction of Excessive Authentication Attempts •
CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-49595
https://notcve.org/view.php?id=CVE-2024-49595
26 Nov 2024 — Dell Wyse Management Suite, version WMS 4.4 and before, contain an Authentication Bypass by Capture-replay vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service. Dell Wyse Management Suite, versión WMS 4.4 y anteriores, contiene una vulnerabilidad de omisión de autenticación mediante captura y reproducción. Un atacante con privilegios elevados y acceso remoto podría aprovechar esta vulnerabilidad, lo que provocaría una denegac... • https://www.dell.com/support/kbdoc/en-us/000244453/dsa-2024-440 • CWE-294: Authentication Bypass by Capture-replay •
CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-32483
https://notcve.org/view.php?id=CVE-2023-32483
20 Jul 2023 — Wyse Management Suite versions prior to 4.0 contain a sensitive information disclosure vulnerability. An authenticated malicious user having local access to the system running the application could exploit this vulnerability to read sensitive information written to log files. • https://www.dell.com/support/kbdoc/en-us/000215351/dsa-2023-240-dell-wyse-management-suite • CWE-312: Cleartext Storage of Sensitive Information •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2023-32482
https://notcve.org/view.php?id=CVE-2023-32482
20 Jul 2023 — Wyse Management Suite versions prior to 4.0 contain an improper authorization vulnerability. An authenticated malicious user with privileged access can push policies to unauthorized tenant group. • https://www.dell.com/support/kbdoc/en-us/000215351/dsa-2023-240-dell-wyse-management-suite • CWE-285: Improper Authorization CWE-863: Incorrect Authorization •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-32481
https://notcve.org/view.php?id=CVE-2023-32481
20 Jul 2023 — Wyse Management Suite versions prior to 4.0 contain a denial-of-service vulnerability. An authenticated malicious user can flood the configured SMTP server with numerous requests in order to deny access to the system. • https://www.dell.com/support/kbdoc/en-us/000215351/dsa-2023-240-dell-wyse-management-suite • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 8.7EPSS: 0%CPEs: 1EXPL: 0CVE-2022-46754
https://notcve.org/view.php?id=CVE-2022-46754
10 Feb 2023 — Wyse Management Suite 3.8 and below contain an improper access control vulnerability. A authenticated malicious admin user might access certain pro license features for which this admin is not authorized in order to configure user controlled external entities. • https://www.dell.com/support/kbdoc/en-us/000206134/dsa-2022-329-dell-wyse-management-suite-security-update-for-multiple-vulnerabilities • CWE-284: Improper Access Control •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2022-46755
https://notcve.org/view.php?id=CVE-2022-46755
10 Feb 2023 — Wyse Management Suite 3.8 and below contain an improper access control vulnerability. A authenticated malicious admin user can edit general client policy for which the user is not authorized. • https://www.dell.com/support/kbdoc/en-us/000206134/dsa-2022-329-dell-wyse-management-suite-security-update-for-multiple-vulnerabilities • CWE-284: Improper Access Control •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-46677
https://notcve.org/view.php?id=CVE-2022-46677
10 Feb 2023 — Wyse Management Suite 3.8 and below contain an improper access control vulnerability with which an custom group admin can create a subgroup under a group for which the admin is not authorized. • https://www.dell.com/support/kbdoc/en-us/000206134/dsa-2022-329-dell-wyse-management-suite-security-update-for-multiple-vulnerabilities • CWE-284: Improper Access Control •