CVE-2023-32482
Description
Wyse Management Suite versions prior to 4.0 contain an improper authorization vulnerability. An authenticated malicious user with privileged access can push policies to unauthorized tenant group.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Wyse Management Suite prior to 4.0 has an improper authorization vulnerability allowing privileged users to push policies to unauthorized tenant groups.
Vulnerability
Wyse Management Suite versions prior to 4.0 contain an improper authorization vulnerability. An authenticated malicious user with privileged access can push policies to unauthorized tenant groups. [1]
Exploitation
An attacker must have authenticated privileged access to the Wyse Management Suite. The attacker can then push policies to tenant groups for which they are not authorized. No user interaction is required. [1]
Impact
Successful exploitation allows the attacker to push policies to unauthorized tenant groups, affecting the integrity of those tenants. The CVSS vector indicates a medium severity with high integrity impact (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N). [1]
Mitigation
The vulnerability is fixed in Wyse Management Suite version 4.0. Users should upgrade to version 4.0 or later. No workarounds are available. [1]
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Range: <4.0
- Range: 4.0 and below
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.