← Zuruck zu CVEs
CVE-2022-23158
MEDIUM6.0
Beschreibung
Wyse Device Agent version 14.6.1.4 and below contain a sensitive data exposure vulnerability. A local authenticated user with standard privilege could potentially exploit this vulnerability and provide incorrect port information and get connected to valid WMS server
CVE Details
CVSS v3.1 Bewertung6.0
SchweregradMEDIUM
CVSS VektorCVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
AngriffsvektorLOCAL
KomplexitatLOW
Erforderliche PrivilegienHIGH
BenutzerinteraktionNONE
Veroffentlicht4/1/2022
Zuletzt geandert11/21/2024
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
dell:wyse_device_agent
Schwachen (CWE)
CWE-183CWE-200
Referenzen
https://www.dell.com/support/kbdoc/000196005(security_alert@emc.com)
https://www.dell.com/support/kbdoc/000196005(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.