Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2021-21587Sensitive Information Exposure in Dell Wyse Management Suite

CWE-200Sensitive Information Exposure4 documents4 sources
Severity
3.3LOWNVD
CNA5.3
EPSS
5.4%
top 9.85%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Dell Wyse Management Suite
Timeline
PublishedJul 15
Latest updateMay 24

Description

Dell Wyse Management Suite versions 3.2 and earlier contain a full path disclosure vulnerability. A local unauthenticated attacker could exploit this vulnerability in order to obtain the path of files and folders.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 1.8 | Impact: 1.4

Affected Packages2 packages

CVEListV5dell/wyse_management_suiteunspecified3.3

Patches

Patch: www.dell.comPatch: www.dell.com

🔴Vulnerability Details

2
GHSA
GHSA-9ww5-fqmw-qv7w: Dell Wyse Management Suite versions 32022-05-24
CVEList
CVE-2021-21587: Dell Wyse Management Suite versions 32021-07-15

💥Exploits & PoCs

1
Nuclei
Dell Wyse Management Suite Login Panel - Detect
CVE-2021-21587 — Sensitive Information Exposure in Dell | cvebase