CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2025-27693
https://notcve.org/view.php?id=CVE-2025-27693
02 Apr 2025 — Dell Wyse Management Suite, versions prior to WMS 5.1, contains an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Script injection. • https://www.dell.com/support/kbdoc/en-us/000296515/dsa-2025-135 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-27694
https://notcve.org/view.php?id=CVE-2025-27694
02 Apr 2025 — Dell Wyse Management Suite, versions prior to WMS 5.1, contains an Insufficient Resource Pool vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Denial of service. • https://www.dell.com/support/kbdoc/en-us/000296515/dsa-2025-135 • CWE-410: Insufficient Resource Pool •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-29982
https://notcve.org/view.php?id=CVE-2025-29982
02 Apr 2025 — Dell Wyse Management Suite, versions prior to WMS 5.1, contains an Insecure Inherited Permissions vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access. • https://www.dell.com/support/kbdoc/en-us/000296515/dsa-2025-135 • CWE-277: Insecure Inherited Permissions •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-29981
https://notcve.org/view.php?id=CVE-2025-29981
02 Apr 2025 — Dell Wyse Management Suite, versions prior to WMS 5.1, contains an Exposure of Sensitive Information Through Data Queries vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure. • https://www.dell.com/support/kbdoc/en-us/000296515/dsa-2025-135 • CWE-202: Exposure of Sensitive Information Through Data Queries •
CVSS: 6.2EPSS: 0%CPEs: 2EXPL: 0CVE-2024-49596
https://notcve.org/view.php?id=CVE-2024-49596
26 Nov 2024 — Dell Wyse Management Suite, version WMS 4.4 and prior, contain a Missing Authorization vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service and arbitrary file deletion Dell Wyse Management Suite, versión WMS 4.4 y anteriores, contiene una vulnerabilidad de falta de autorización. Un atacante con privilegios elevados y acceso remoto podría aprovechar esta vulnerabilidad, lo que provocaría una denegación de servicio y la elimina... • https://www.dell.com/support/kbdoc/en-us/000244453/dsa-2024-440 • CWE-862: Missing Authorization •
CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-49597
https://notcve.org/view.php?id=CVE-2024-49597
26 Nov 2024 — Dell Wyse Management Suite, versions WMS 4.4 and prior, contain an Improper Restriction of Excessive Authentication Attempts vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Protection mechanism bypass. Dell Wyse Management Suite, versiones WMS 4.4 y anteriores, contiene una vulnerabilidad de restricción inadecuada de intentos excesivos de autenticación. Un atacante con privilegios elevados y acceso remoto podría aprovechar esta vulnerabil... • https://www.dell.com/support/kbdoc/en-us/000244453/dsa-2024-440 • CWE-307: Improper Restriction of Excessive Authentication Attempts •
CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-49595
https://notcve.org/view.php?id=CVE-2024-49595
26 Nov 2024 — Dell Wyse Management Suite, version WMS 4.4 and before, contain an Authentication Bypass by Capture-replay vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service. Dell Wyse Management Suite, versión WMS 4.4 y anteriores, contiene una vulnerabilidad de omisión de autenticación mediante captura y reproducción. Un atacante con privilegios elevados y acceso remoto podría aprovechar esta vulnerabilidad, lo que provocaría una denegac... • https://www.dell.com/support/kbdoc/en-us/000244453/dsa-2024-440 • CWE-294: Authentication Bypass by Capture-replay •
CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-32483
https://notcve.org/view.php?id=CVE-2023-32483
20 Jul 2023 — Wyse Management Suite versions prior to 4.0 contain a sensitive information disclosure vulnerability. An authenticated malicious user having local access to the system running the application could exploit this vulnerability to read sensitive information written to log files. • https://www.dell.com/support/kbdoc/en-us/000215351/dsa-2023-240-dell-wyse-management-suite • CWE-312: Cleartext Storage of Sensitive Information •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2023-32482
https://notcve.org/view.php?id=CVE-2023-32482
20 Jul 2023 — Wyse Management Suite versions prior to 4.0 contain an improper authorization vulnerability. An authenticated malicious user with privileged access can push policies to unauthorized tenant group. • https://www.dell.com/support/kbdoc/en-us/000215351/dsa-2023-240-dell-wyse-management-suite • CWE-285: Improper Authorization CWE-863: Incorrect Authorization •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-32481
https://notcve.org/view.php?id=CVE-2023-32481
20 Jul 2023 — Wyse Management Suite versions prior to 4.0 contain a denial-of-service vulnerability. An authenticated malicious user can flood the configured SMTP server with numerous requests in order to deny access to the system. • https://www.dell.com/support/kbdoc/en-us/000215351/dsa-2023-240-dell-wyse-management-suite • CWE-770: Allocation of Resources Without Limits or Throttling •