CVSS: 6.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-23158
https://notcve.org/view.php?id=CVE-2022-23158
01 Apr 2022 — Wyse Device Agent version 14.6.1.4 and below contain a sensitive data exposure vulnerability. A local authenticated user with standard privilege could potentially exploit this vulnerability and provide incorrect port information and get connected to valid WMS server Wyse Device Agent versión 14.6.1.4 y anteriores, contienen una vulnerabilidad de exposición de datos confidenciales. Un usuario local autenticado con privilegios estándar podría explotar esta vulnerabilidad y proporcionar información incorrecta ... • https://www.dell.com/support/kbdoc/000196005 • CWE-183: Permissive List of Allowed Inputs CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0CVE-2022-23157
https://notcve.org/view.php?id=CVE-2022-23157
01 Apr 2022 — Wyse Device Agent version 14.6.1.4 and below contain a sensitive data exposure vulnerability. A authenticated malicious user could potentially exploit this vulnerability in order to view sensitive information from the WMS Server. Wyse Device Agent versión 14.6.1.4 y anteriores, contienen una vulnerabilidad de exposición de datos confidenciales. Un usuario malicioso autenticado podría explotar potencialmente esta vulnerabilidad para visualizar información confidencial del servidor WMS • https://www.dell.com/support/kbdoc/000196005 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0CVE-2022-23156
https://notcve.org/view.php?id=CVE-2022-23156
01 Apr 2022 — Wyse Device Agent version 14.6.1.4 and below contain an Improper Authentication vulnerability. A malicious user could potentially exploit this vulnerability by providing invalid input in order to obtain a connection to WMS server. Wyse Device Agent versión 14.6.1.4 y anteriores, contienen una vulnerabilidad de autenticación inapropiada. Un usuario malicioso podría explotar esta vulnerabilidad al proporcionar una entrada no válida para obtener una conexión con el servidor WMS • https://www.dell.com/support/kbdoc/000196005 • CWE-287: Improper Authentication •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-36341
https://notcve.org/view.php?id=CVE-2021-36341
21 Dec 2021 — Dell Wyse Device Agent version 14.5.4.1 and below contain a sensitive data exposure vulnerability. A local authenticated user with low privileges could potentially exploit this vulnerability in order to access sensitive information. Dell Wyse Device Agent versión 14.5.4.1 y anteriores, contienen una vulnerabilidad de exposición de datos confidenciales. Un usuario local autenticado con bajos privilegios podría explotar potencialmente esta vulnerabilidad para acceder a información confidencial • https://www.dell.com/support/kbdoc/en-us/000193151 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-3712 – DSA-2019-039: Dell Wyse Device Agent Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2019-3712
07 Mar 2019 — Dell WES Wyse Device Agent versions prior to 14.1.2.9 and Dell Wyse ThinLinux HAgent versions prior to 5.4.55 00.10 contain a buffer overflow vulnerability. An unauthenticated attacker may potentially exploit this vulnerability to execute arbitrary code on the system with privileges of the FTP client by sending specially crafted input data to the affected system. The FTP code that contained the vulnerability has been removed. Dell WES Wyse Device Agent, en versiones anteriores a la 14.1.2.9 y Dell Wyse Thin... • http://www.securityfocus.com/bid/107376 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •