Vulnerability Details CVE-2022-46754
Wyse Management Suite 3.8 and below contain an improper access control vulnerability. A authenticated malicious admin user might access certain pro license features for which this admin is not authorized in order to configure user controlled external entities.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 33.3%
CVSS Severity
CVSS v3 Score 8.7
References
Products affected by CVE-2022-46754
-
cpe:2.3:a:dell:wyse_management_suite:-
-
cpe:2.3:a:dell:wyse_management_suite:1.0
-
cpe:2.3:a:dell:wyse_management_suite:1.1
-
cpe:2.3:a:dell:wyse_management_suite:1.2
-
cpe:2.3:a:dell:wyse_management_suite:1.3
-
cpe:2.3:a:dell:wyse_management_suite:1.4
-
cpe:2.3:a:dell:wyse_management_suite:1.4.1
-
cpe:2.3:a:dell:wyse_management_suite:2.0
-
cpe:2.3:a:dell:wyse_management_suite:3.0
-
cpe:2.3:a:dell:wyse_management_suite:3.1
-
cpe:2.3:a:dell:wyse_management_suite:3.2
-
cpe:2.3:a:dell:wyse_management_suite:3.3.1
-
cpe:2.3:a:dell:wyse_management_suite:3.5.1
-
cpe:2.3:a:dell:wyse_management_suite:3.5.2
-
cpe:2.3:a:dell:wyse_management_suite:3.6.0
-
cpe:2.3:a:dell:wyse_management_suite:3.6.1
-
cpe:2.3:a:dell:wyse_management_suite:3.7.0
-
cpe:2.3:a:dell:wyse_management_suite:3.8.0