CVE-2022-46676 MEDIUM

CVE-2022-46676

Vendor Dell

Product Wyse Management Suite

Weakness CWE-284

Published February 10, 2023

Last update March 24, 2025

View on NVD All CVEs

CVSS base score

4.9/10

Attack vector Network

Attack complexity Low

Privileges required High

User interaction None

Confidentiality None

Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

What the vulnerability does

01Description

Wyse Management Suite 3.8 and below contain an improper access control vulnerability. A malicious admin user can disable or delete users under administration and unassigned admins for which the group admin is not authorized.

Key dates

02Disclosure timeline

February 10, 2023 CVE published

March 24, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2022-46676 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/284.html

Related vulnerabilities

04Related CVE

CVE-2021-32652 Missing permission check on email metadata retrieval CVE-2023-47865 Username and Icon override can be used by members when Hardened Mode is enabled CVE-2021-24198 wpDataTables < 3.4.2 - Improper Access Control leading to Table Data Deletion CVE-2026-32768 Chall-Manager's invalid NetworkPolicy enables a malicious actor to pivot into another namespace CVE-2024-1478 Maintenance Mode <= 3.0.1 - Information Exposure