CVE-2022-46755
Description
Wyse Management Suite 3.8 and below contain an improper access control vulnerability. A authenticated malicious admin user can edit general client policy for which the user is not authorized.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Improper access control in Wyse Management Suite 3.8 and below allows authenticated malicious end users to edit client policies they are not authorized to.
Vulnerability
Wyse Management Suite versions 3.8 and below contain an improper access control vulnerability [1]. An authenticated malicious end user can edit general client policy for which they are not authorized [1].
Exploitation
The attacker must have valid credentials with privileged access (high privileges) to the Wyse Management Suite [1]. The vulnerability can be exploited remotely over the network without user interaction [1]. The attacker can exploit the flaw by manipulating policy editing functions to bypass authorization checks.
Impact
Successful exploitation allows the attacker to edit client policies they are not authorized to modify, leading to a denial of service (availability impact) as per CVSS vector [1]. The impact is limited to availability; no confidentiality or integrity impact is reported [1].
Mitigation
Dell has released a security update for Wyse Management Suite. Refer to DSA-2022-329 [1] for fixed version details. Users should apply the update to remediate the vulnerability.
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Range: <=3.8
- Range: 0
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.