CVE-2022-46754
https://notcve.org/view.php?id=CVE-2022-46754
Wyse Management Suite 3.8 and below contain an improper access control vulnerability. A authenticated malicious admin user might access certain pro license features for which this admin is not authorized in order to configure user controlled external entities. • https://www.dell.com/support/kbdoc/en-us/000206134/dsa-2022-329-dell-wyse-management-suite-security-update-for-multiple-vulnerabilities • CWE-284: Improper Access Control •
CVE-2022-46755
https://notcve.org/view.php?id=CVE-2022-46755
Wyse Management Suite 3.8 and below contain an improper access control vulnerability. A authenticated malicious admin user can edit general client policy for which the user is not authorized. • https://www.dell.com/support/kbdoc/en-us/000206134/dsa-2022-329-dell-wyse-management-suite-security-update-for-multiple-vulnerabilities • CWE-284: Improper Access Control •
CVE-2022-46677
https://notcve.org/view.php?id=CVE-2022-46677
Wyse Management Suite 3.8 and below contain an improper access control vulnerability with which an custom group admin can create a subgroup under a group for which the admin is not authorized. • https://www.dell.com/support/kbdoc/en-us/000206134/dsa-2022-329-dell-wyse-management-suite-security-update-for-multiple-vulnerabilities • CWE-284: Improper Access Control •
CVE-2022-46678
https://notcve.org/view.php?id=CVE-2022-46678
Wyse Management Suite 3.8 and below contain an improper access control vulnerability. A authenticated malicious admin user can edit general client policy for which the user is not authorized. • https://www.dell.com/support/kbdoc/en-us/000206134/dsa-2022-329-dell-wyse-management-suite-security-update-for-multiple-vulnerabilities • CWE-284: Improper Access Control •
CVE-2022-46676
https://notcve.org/view.php?id=CVE-2022-46676
Wyse Management Suite 3.8 and below contain an improper access control vulnerability. A malicious admin user can disable or delete users under administration and unassigned admins for which the group admin is not authorized. • https://www.dell.com/support/kbdoc/en-us/000206134/dsa-2022-329-dell-wyse-management-suite-security-update-for-multiple-vulnerabilities • CWE-284: Improper Access Control •