CVE-2025-29981
Description
Dell Wyse Management Suite, versions prior to WMS 5.1, contains an Exposure of Sensitive Information Through Data Queries vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Dell Wyse Management Suite prior to WMS 5.1 exposes sensitive info via data queries, exploitable by unauthenticated remote attackers.
Vulnerability
Dell Wyse Management Suite (WMS) versions prior to WMS 5.1 contain an Exposure of Sensitive Information Through Data Queries vulnerability [1]. The vulnerability exists in the proprietary code of the suite, where improper handling of data queries allows an unauthenticated remote attacker to access sensitive information.
Exploitation
An attacker needs only network access to the WMS instance, with no authentication required. The attacker can craft malicious data queries to retrieve sensitive information from the application backend without any user interaction or other prerequisites [1].
Impact
Successful exploitation leads to the disclosure of confidential information, impacting confidentiality (High). According to the CVSS vector, integrity and availability are not affected [1]. The attacker gains no direct privilege escalation but can obtain sensitive data.
Mitigation
Dell has released WMS version 5.1 to address this vulnerability [1]. Users should upgrade to WMS 5.1 or later. There is no indication that this CVE is listed in the KEV catalog. If upgrading is not immediately possible, ensure the WMS is not exposed to untrusted networks.
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Range: <5.1
- Range: N/A
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- www.dell.com/support/kbdoc/en-us/000296515/dsa-2025-135mitrevendor-advisory
News mentions
0No linked articles in our index yet.