CVE-2021-21597 — Log File Information Exposure in Dell Wyse Thinos

CWE-532 — Log File Information Exposure2 documents2 sources

Severity

3.9LOWNVD

EPSS

0.0%

top 86.80%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Dell Wyse Thinos

Timeline

PublishedAug 10

Latest updateMay 24

Description

Dell Wyse ThinOS, version 9.0, contains a Sensitive Information Disclosure Vulnerability. An authenticated malicious user with physical access to the system could exploit this vulnerability to read sensitive information written to the log files.

CVSS vector

CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:NExploitability: 0.3 | Impact: 3.6

Affected Packages1 packages

▶NVDdell/wyse_thinos9.0, 9.1+1

Patches

Patch: www.dell.com ↗Patch: www.dell.com ↗

🔴Vulnerability Details

GHSA

GHSA-c5x3-p9mj-9gv6: Dell Wyse ThinOS, version 9↗2022-05-24

▶