Details of VAR-202208-0899

ID

VAR-202208-0899

CVE

CVE-2022-33924

TITLE

Dell's Dell Wyse Management Suite Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2022-014409

DESCRIPTION

Dell Wyse Management Suite 3.6.1 and below contains an Improper Access control vulnerability with which an attacker with no access to create rules could potentially exploit this vulnerability and create rules. Dell's Dell Wyse Management Suite Exists in unspecified vulnerabilities.Information may be tampered with. The offering includes Wyse endpoint centralized management, asset tracking and automatic device discovery

Trust: 1.71

sources: NVD: CVE-2022-33924 // JVNDB: JVNDB-2022-014409 // VULHUB: VHN-426116

AFFECTED PRODUCTS

vendor:	dell	model:	wyse management suite	scope:	lt	version:	3.8.0	Trust: 1.0
vendor:	デル	model:	dell wyse management suite	scope:	eq	version:	3.8.0	Trust: 0.8
vendor:	デル	model:	dell wyse management suite	scope:	eq	version:	-	Trust: 0.8
vendor:	デル	model:	dell wyse management suite	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2022-014409 // NVD: CVE-2022-33924

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-33924
value:	MEDIUM
Trust: 1.0
security_alert@emc.com:	CVE-2022-33924
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2022-33924
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-202208-2734
value:	MEDIUM
Trust: 0.6

nvd@nist.gov:	CVE-2022-33924
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	1.4
version:	3.1
Trust: 1.0
security_alert@emc.com:	CVE-2022-33924
baseSeverity:	MEDIUM
baseScore:	4.3
vectorString:	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	2.8
impactScore:	1.4
version:	3.1
Trust: 1.0
NVD:	CVE-2022-33924
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2022-014409 // CNNVD: CNNVD-202208-2734 // NVD: CVE-2022-33924 // NVD: CVE-2022-33924

PROBLEMTYPE DATA

problemtype:	NVD-CWE-Other	Trust: 1.0
problemtype:	CWE-284	Trust: 1.0
problemtype:	others (CWE-Other) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2022-014409 // NVD: CVE-2022-33924

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202208-2734

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202208-2734

PATCH

title:

Dell Wyse Management Suite Security vulnerabilities

url:

http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=204262

Trust: 0.6

sources: CNNVD: CNNVD-202208-2734

EXTERNAL IDS

db:	NVD	id:	CVE-2022-33924	Trust: 3.3
db:	JVNDB	id:	JVNDB-2022-014409	Trust: 0.8
db:	CNNVD	id:	CNNVD-202208-2734	Trust: 0.6
db:	CNVD	id:	CNVD-2022-56656	Trust: 0.1
db:	VULHUB	id:	VHN-426116	Trust: 0.1

sources: VULHUB: VHN-426116 // JVNDB: JVNDB-2022-014409 // CNNVD: CNNVD-202208-2734 // NVD: CVE-2022-33924

REFERENCES

url:	https://www.dell.com/support/kbdoc/en-us/000201383/dsa-2022-134-dell-wyse-management-suite-security-update-for-multiple-vulnerabilities	Trust: 2.5
url:	https://nvd.nist.gov/vuln/detail/cve-2022-33924	Trust: 0.8
url:	https://cxsecurity.com/cveshow/cve-2022-33924/	Trust: 0.6

sources: VULHUB: VHN-426116 // JVNDB: JVNDB-2022-014409 // CNNVD: CNNVD-202208-2734 // NVD: CVE-2022-33924

SOURCES

db:	VULHUB	id:	VHN-426116
db:	JVNDB	id:	JVNDB-2022-014409
db:	CNNVD	id:	CNNVD-202208-2734
db:	NVD	id:	CVE-2022-33924

LAST UPDATE DATE

2024-08-14T14:49:40.572000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-426116	date:	2022-08-12T00:00:00
db:	JVNDB	id:	JVNDB-2022-014409	date:	2023-09-19T08:08:00
db:	CNNVD	id:	CNNVD-202208-2734	date:	2022-08-15T00:00:00
db:	NVD	id:	CVE-2022-33924	date:	2022-08-12T21:44:43.720

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-426116	date:	2022-08-10T00:00:00
db:	JVNDB	id:	JVNDB-2022-014409	date:	2023-09-19T00:00:00
db:	CNNVD	id:	CNNVD-202208-2734	date:	2022-08-10T00:00:00
db:	NVD	id:	CVE-2022-33924	date:	2022-08-10T17:15:08.760