CVE-2020-29491Incorrect Default Permissions in Dell Wyse Proprietary OS

CWE-276Incorrect Default Permissions2 documents2 sources
Severity
8.6HIGHNVD
EPSS
0.9%
top 24.24%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Dell Wyse Proprietary OSDell Wyse Thinos
Timeline
PublishedJan 4
Latest updateMay 24

Description

Dell Wyse ThinOS 8.6 and prior versions contain an insecure default configuration vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to gain access to the sensitive information on the local network, leading to the potential compromise of impacted thin clients.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:NExploitability: 3.9 | Impact: 4.0

Affected Packages2 packages

CVEListV5dell/wyse_proprietary_osunspecified8.6

🔴Vulnerability Details

1
GHSA
GHSA-xw74-fx28-hrj8: Dell Wyse ThinOS 82022-05-24