CVE-2021-21533 — Improper Input Validation in Dell Wyse Management Suite

CWE-20 — Improper Input Validation4 documents4 sources

Severity

4.3MEDIUMNVD

EPSS

0.2%

top 54.32%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Dell Wyse Management Suite

Timeline

PublishedApr 2

Latest updateFeb 13

Description

Wyse Management Suite versions up to 3.2 contains a vulnerability wherein a malicious authenticated user can cause a denial of service in the job status retrieval page, also affecting other users that would have normally access to the same subset of job details

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:LExploitability: 2.8 | Impact: 1.4

Affected Packages2 packages

▶CVEListV5dell/wyse_management_suiteunspecified — 3.2

▶NVDdell/wyse_management_suite< 3.2

🔴Vulnerability Details

OSV

fig2dev vulnerabilities↗2023-02-13

▶

GHSA

GHSA-5662-2q2g-p5f9: Wyse Management Suite versions up to 3↗2022-05-24

▶

CVEList

CVE-2021-21533: Wyse Management Suite versions up to 3↗2021-04-02

▶