CVE-2022-23155Unrestricted File Upload in Dell Wyse Management Suite

CWE-434Unrestricted File Upload3 documents3 sources
Severity
7.2HIGHNVD
EPSS
0.7%
top 27.14%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Dell Wyse Management Suite
Timeline
PublishedApr 1
Latest updateApr 2

Description

Dell Wyse Management Suite versions 2.0 through 3.5.2 contain an unrestricted file upload vulnerability. A malicious user with admin privileges can exploit this vulnerability in order to execute arbitrary code on the system.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 1.2 | Impact: 5.9

Affected Packages2 packages

CVEListV5dell/wyse_management_suiteunspecified3.6
NVDdell/wyse_management_suite2.03.5.2

Patches

Patch: www.dell.comPatch: www.dell.com

🔴Vulnerability Details

2
GHSA
GHSA-w9m5-85rx-qx3f: Dell Wyse Management Suite versions 22022-04-02
CVEList
CVE-2022-23155: Dell Wyse Management Suite versions 22022-04-01
CVE-2022-23155 — Unrestricted File Upload in Dell | cvebase