VYPR

Wyse Management Suite Repository

by Dell

CVEs (52)

  • CVE-2022-29097MedJun 24, 2022
    risk 0.32cvss 4.9epss 0.01

    Dell WMS 3.6.1 and below contains a Path Traversal vulnerability in Device API. A remote attacker could potentially exploit this vulnerability, to gain unauthorized read access to the files stored on the server filesystem, with the privileges of the running web application.

  • CVE-2025-27692MedApr 2, 2025
    risk 0.31cvss 4.7epss 0.00

    Dell Wyse Management Suite, versions prior to WMS 5.1, contains an Unrestricted Upload of File with Dangerous Type vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service, Information disclosure, and…

  • CVE-2020-29496MedJan 4, 2021
    risk 0.31cvss 4.8epss 0.01

    Dell Wyse Management Suite versions prior to 3.1 contain a stored cross-site scripting vulnerability. A remote authenticated malicious user with high privileges could exploit this vulnerability to store malicious HTML or JavaScript code while creating the Enduser. When victim…

  • CVE-2023-32483MedJul 20, 2023
    risk 0.29cvss 4.4epss 0.00

    Wyse Management Suite versions prior to 4.0 contain a sensitive information disclosure vulnerability. An authenticated malicious user having local access to the system running the application could exploit this vulnerability to read sensitive information written to log files.

  • CVE-2022-33930MedAug 10, 2022
    risk 0.28cvss 4.3epss 0.01

    Dell Wyse Management Suite 3.6.1 and below contains Information Disclosure in Devices error pages. An attacker could potentially exploit this vulnerability, leading to the disclosure of certain sensitive information. The attacker may be able to use the exposed information to…

  • CVE-2022-33924MedAug 10, 2022
    risk 0.28cvss 4.3epss 0.00

    Dell Wyse Management Suite 3.6.1 and below contains an Improper Access control vulnerability with which an attacker with no access to create rules could potentially exploit this vulnerability and create rules.

  • CVE-2021-21533MedApr 2, 2021
    risk 0.28cvss 4.3epss 0.01

    Wyse Management Suite versions up to 3.2 contains a vulnerability wherein a malicious authenticated user can cause a denial of service in the job status retrieval page, also affecting other users that would have normally access to the same subset of job details

  • CVE-2025-36576LowJun 10, 2025
    risk 0.18cvss 2.7epss 0.00

    Dell Wyse Management Suite, versions prior to WMS 5.2, contain a Cross-Site Request Forgery (CSRF) vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Server-side request forgery.

  • CVE-2026-23859Feb 24, 2026
    risk 0.00cvss epss 0.00

    Dell Wyse Management Suite, versions prior to WMS 5.5, contain a Client-Side Enforcement of Server-Side Security vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability to Protection mechanism bypass.

  • CVE-2026-23858Feb 24, 2026
    risk 0.00cvss epss 0.00

    Dell Wyse Management Suite, versions prior to WMS 5.5, contain an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Script…

  • CVE-2026-22766Feb 24, 2026
    risk 0.00cvss epss 0.01

    Dell Wyse Management Suite, versions prior to WMS 5.5, contain an Unrestricted Upload of File with Dangerous Type vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Remote execution.

  • CVE-2026-22765Feb 24, 2026
    risk 0.00cvss epss 0.00

    Dell Wyse Management Suite, versions prior to WMS 5.5, contain a Missing Authorization vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of Privileges.

Page 3 of 3