CVE-2023-32483Cleartext Storage of Sensitive Info in Dell Wyse Management Suite

CWE-312Cleartext Storage of Sensitive Info3 documents3 sources
Severity
4.4MEDIUMNVD
EPSS
0.0%
top 93.31%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Dell Wyse Management Suite
Timeline
PublishedJul 20

Description

Wyse Management Suite versions prior to 4.0 contain a sensitive information disclosure vulnerability. An authenticated malicious user having local access to the system running the application could exploit this vulnerability to read sensitive information written to log files.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:NExploitability: 0.8 | Impact: 3.6

Affected Packages2 packages

CVEListV5dell/wyse_management_suite4.0 and below

🔴Vulnerability Details

2
GHSA
GHSA-fv54-c959-7hf7: Wyse Management Suite versions prior to 42023-07-20
CVEList
CVE-2023-32483: Wyse Management Suite versions prior to 42023-07-20
CVE-2023-32483 — Cleartext Storage of Sensitive Info | cvebase