Vulnerability Details CVE-2022-29097
Dell WMS 3.6.1 and below contains a Path Traversal vulnerability in Device API. A remote attacker could potentially exploit this vulnerability, to gain unauthorized read access to the files stored on the server filesystem, with the privileges of the running web application.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 53.9%
CVSS Severity
CVSS v3 Score 4.9
CVSS v2 Score 4.0
References
Products affected by CVE-2022-29097
-
cpe:2.3:a:dell:wyse_management_suite:-
-
cpe:2.3:a:dell:wyse_management_suite:1.0
-
cpe:2.3:a:dell:wyse_management_suite:1.1
-
cpe:2.3:a:dell:wyse_management_suite:1.2
-
cpe:2.3:a:dell:wyse_management_suite:1.3
-
cpe:2.3:a:dell:wyse_management_suite:1.4
-
cpe:2.3:a:dell:wyse_management_suite:1.4.1
-
cpe:2.3:a:dell:wyse_management_suite:2.0
-
cpe:2.3:a:dell:wyse_management_suite:3.0
-
cpe:2.3:a:dell:wyse_management_suite:3.1
-
cpe:2.3:a:dell:wyse_management_suite:3.2
-
cpe:2.3:a:dell:wyse_management_suite:3.3.1
-
cpe:2.3:a:dell:wyse_management_suite:3.5.1
-
cpe:2.3:a:dell:wyse_management_suite:3.5.2
-
cpe:2.3:a:dell:wyse_management_suite:3.6.0
-
cpe:2.3:a:dell:wyse_management_suite:3.6.1