Page 2 of 36 results (0.037 seconds)

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

Wyse Management Suite versions prior to 4.0 contain a denial-of-service vulnerability. An authenticated malicious user can flood the configured SMTP server with numerous requests in order to deny access to the system. • https://www.dell.com/support/kbdoc/en-us/000215351/dsa-2023-240-dell-wyse-management-suite • CWE-770: Allocation of Resources Without Limits or Throttling •

CVSS: 8.7EPSS: 0%CPEs: 1EXPL: 0

Wyse Management Suite 3.8 and below contain an improper access control vulnerability. A authenticated malicious admin user might access certain pro license features for which this admin is not authorized in order to configure user controlled external entities. • https://www.dell.com/support/kbdoc/en-us/000206134/dsa-2022-329-dell-wyse-management-suite-security-update-for-multiple-vulnerabilities • CWE-284: Improper Access Control •

CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0

Wyse Management Suite 3.8 and below contain an improper access control vulnerability. A authenticated malicious admin user can edit general client policy for which the user is not authorized. • https://www.dell.com/support/kbdoc/en-us/000206134/dsa-2022-329-dell-wyse-management-suite-security-update-for-multiple-vulnerabilities • CWE-284: Improper Access Control •

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0

Wyse Management Suite 3.8 and below contain an improper access control vulnerability with which an custom group admin can create a subgroup under a group for which the admin is not authorized. • https://www.dell.com/support/kbdoc/en-us/000206134/dsa-2022-329-dell-wyse-management-suite-security-update-for-multiple-vulnerabilities • CWE-284: Improper Access Control •

CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0

Wyse Management Suite 3.8 and below contain an improper access control vulnerability. A authenticated malicious admin user can edit general client policy for which the user is not authorized. • https://www.dell.com/support/kbdoc/en-us/000206134/dsa-2022-329-dell-wyse-management-suite-security-update-for-multiple-vulnerabilities • CWE-284: Improper Access Control •