CVE-2022-29097 MEDIUM

CVE-2022-29097

Vendor Dell

Product Wyse Management Suite

Weakness CWE-23

Published June 24, 2022

Last update September 16, 2024

View on NVD All CVEs

CVSS base score

4.9/10

Attack vector Network

Attack complexity Low

Privileges required High

User interaction None

Confidentiality High

Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

What the vulnerability does

01Description

Dell WMS 3.6.1 and below contains a Path Traversal vulnerability in Device API. A remote attacker could potentially exploit this vulnerability, to gain unauthorized read access to the files stored on the server filesystem, with the privileges of the running web application.

Key dates

02Disclosure timeline

June 24, 2022 CVE published

September 16, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2022-29097

Related vulnerabilities

CVE-2022-29097

01Description

02Disclosure timeline

03References

04Related CVE