CVE-2022-23155 HIGH

CVE-2022-23155

Vendor Dell
Product Wyse Management Suite
Weakness CWE-434 · Unrestricted file upload
Published April 1, 2022
Last update September 17, 2024

CVSS base score

7.2/10
Attack vector Network
Attack complexity Low
Privileges required High
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

Dell Wyse Management Suite versions 2.0 through 3.5.2 contain an unrestricted file upload vulnerability. A malicious user with admin privileges can exploit this vulnerability in order to execute arbitrary code on the system.

Key dates

02Disclosure timeline

April 1, 2022 CVE published
September 17, 2024 Record updated

Related vulnerabilities

04Related CVE