CVE-2022-33924 MEDIUM

CVE-2022-33924

Vendor Dell

Product Wyse Management Suite

Weakness CWE-284

Published August 10, 2022

Last update September 16, 2024

View on NVD All CVEs

CVSS base score

4.3/10

Attack vector Network

Attack complexity Low

Privileges required Low

User interaction None

Confidentiality None

Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

What the vulnerability does

01Description

Dell Wyse Management Suite 3.6.1 and below contains an Improper Access control vulnerability with which an attacker with no access to create rules could potentially exploit this vulnerability and create rules.

Key dates

02Disclosure timeline

August 10, 2022 CVE published

September 16, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2022-33924 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/284.html

Related vulnerabilities

04Related CVE

CVE-2024-22202 User Removal Page Allows Spoofing Of User Details CVE-2020-5293 Improper access control on product page with combinations, attachments and specific prices in PrestaShop CVE-2020-3522 Cisco Data Center Network Manager Authorization Bypass Vulnerability CVE-2024-5270 SAML to email switch possible when email signin is disabled CVE-2024-23360 Improper Access Control in Graphics Windows