CVE-2022-33928
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Dell Wyse Management Suite 3.6.1 and below contains an Plain-text Password Storage Vulnerability in UI. An attacker with low privileges could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.
Dell Wyse Management Suite versiones 3.6.1 y anteriores, contienen una vulnerabilidad de almacenamiento de contraseñas en texto plano en la Interfaz de Usuario. Un atacante poco privilegiado podría explotar esta vulnerabilidad, conllevando a una divulgación de determinadas credenciales de usuario. El atacante podría usar las credenciales expuestas para acceder a la aplicación vulnerable con privilegios de la cuenta comprometida
CVSS Scores
SSVC
- Decision:-
Timeline
- 2022-06-17 CVE Reserved
- 2022-08-10 CVE Published
- 2024-02-08 EPSS Updated
- 2024-09-17 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-256: Plaintext Storage of a Password
- CWE-312: Cleartext Storage of Sensitive Information
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Dell Search vendor "Dell" | Wyse Management Suite Search vendor "Dell" for product "Wyse Management Suite" | < 3.8.0 Search vendor "Dell" for product "Wyse Management Suite" and version " < 3.8.0" | - |
Affected
| ||||||