CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-32481
https://notcve.org/view.php?id=CVE-2023-32481
Wyse Management Suite versions prior to 4.0 contain a denial-of-service vulnerability. An authenticated malicious user can flood the configured SMTP server with numerous requests in order to deny access to the system. • https://www.dell.com/support/kbdoc/en-us/000215351/dsa-2023-240-dell-wyse-management-suite • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 8.7EPSS: 0%CPEs: 1EXPL: 0CVE-2022-46754
https://notcve.org/view.php?id=CVE-2022-46754
Wyse Management Suite 3.8 and below contain an improper access control vulnerability. A authenticated malicious admin user might access certain pro license features for which this admin is not authorized in order to configure user controlled external entities. • https://www.dell.com/support/kbdoc/en-us/000206134/dsa-2022-329-dell-wyse-management-suite-security-update-for-multiple-vulnerabilities • CWE-284: Improper Access Control •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2022-46755
https://notcve.org/view.php?id=CVE-2022-46755
Wyse Management Suite 3.8 and below contain an improper access control vulnerability. A authenticated malicious admin user can edit general client policy for which the user is not authorized. • https://www.dell.com/support/kbdoc/en-us/000206134/dsa-2022-329-dell-wyse-management-suite-security-update-for-multiple-vulnerabilities • CWE-284: Improper Access Control •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-46677
https://notcve.org/view.php?id=CVE-2022-46677
Wyse Management Suite 3.8 and below contain an improper access control vulnerability with which an custom group admin can create a subgroup under a group for which the admin is not authorized. • https://www.dell.com/support/kbdoc/en-us/000206134/dsa-2022-329-dell-wyse-management-suite-security-update-for-multiple-vulnerabilities • CWE-284: Improper Access Control •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2022-46678
https://notcve.org/view.php?id=CVE-2022-46678
Wyse Management Suite 3.8 and below contain an improper access control vulnerability. A authenticated malicious admin user can edit general client policy for which the user is not authorized. • https://www.dell.com/support/kbdoc/en-us/000206134/dsa-2022-329-dell-wyse-management-suite-security-update-for-multiple-vulnerabilities • CWE-284: Improper Access Control •