Sign-up

ID

VAR-202208-0915


CVE

CVE-2022-33931


TITLE

Dell's  Dell Wyse Management Suite  Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2022-014402

DESCRIPTION

Dell Wyse Management Suite 3.6.1 and below contains an Improper Access control vulnerability in UI. An attacker with no access to Alert Classification page could potentially exploit this vulnerability, leading to the change the alert categories. The offering includes Wyse endpoint centralized management, asset tracking and automatic device discovery

Trust: 1.71

sources: NVD: CVE-2022-33931 // JVNDB: JVNDB-2022-014402 // VULHUB: VHN-426123

AFFECTED PRODUCTS

vendor:dellmodel:wyse management suitescope:ltversion:3.8.0

Trust: 1.0

vendor:デルmodel:dell wyse management suitescope:eqversion:3.8.0

Trust: 0.8

vendor:デルmodel:dell wyse management suitescope:eqversion: -

Trust: 0.8

vendor:デルmodel:dell wyse management suitescope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-014402 // NVD: CVE-2022-33931

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-33931
value: MEDIUM

Trust: 1.0

security_alert@emc.com: CVE-2022-33931
value: MEDIUM

Trust: 1.0

NVD: CVE-2022-33931
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-202208-2724
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2022-33931
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.1

Trust: 1.0

security_alert@emc.com: CVE-2022-33931
baseSeverity: MEDIUM
baseScore: 6.3
vectorString: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: LOW
userInteraction: NONE
scope: CHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 1.8
impactScore: 4.0
version: 3.1

Trust: 1.0

NVD: CVE-2022-33931
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2022-014402 // CNNVD: CNNVD-202208-2724 // NVD: CVE-2022-33931 // NVD: CVE-2022-33931

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

problemtype:CWE-284

Trust: 1.0

problemtype:others (CWE-Other) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-014402 // NVD: CVE-2022-33931

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202208-2724

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202208-2724

PATCH

title:Dell Wyse Management Suite Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=204253

Trust: 0.6

sources: CNNVD: CNNVD-202208-2724

EXTERNAL IDS

db:NVDid:CVE-2022-33931

Trust: 3.3

db:JVNDBid:JVNDB-2022-014402

Trust: 0.8

db:CNNVDid:CNNVD-202208-2724

Trust: 0.6

db:CNVDid:CNVD-2022-56663

Trust: 0.1

db:VULHUBid:VHN-426123

Trust: 0.1

sources: VULHUB: VHN-426123 // JVNDB: JVNDB-2022-014402 // CNNVD: CNNVD-202208-2724 // NVD: CVE-2022-33931

REFERENCES

url:https://www.dell.com/support/kbdoc/en-us/000201383/dsa-2022-134-dell-wyse-management-suite-security-update-for-multiple-vulnerabilities

Trust: 2.5

url:https://nvd.nist.gov/vuln/detail/cve-2022-33931

Trust: 0.8

url:https://cxsecurity.com/cveshow/cve-2022-33931/

Trust: 0.6

sources: VULHUB: VHN-426123 // JVNDB: JVNDB-2022-014402 // CNNVD: CNNVD-202208-2724 // NVD: CVE-2022-33931

SOURCES

db:VULHUBid:VHN-426123
db:JVNDBid:JVNDB-2022-014402
db:CNNVDid:CNNVD-202208-2724
db:NVDid:CVE-2022-33931

LAST UPDATE DATE

2024-08-14T15:00:52.433000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-426123date:2022-08-13T00:00:00
db:JVNDBid:JVNDB-2022-014402date:2023-09-19T08:08:00
db:CNNVDid:CNNVD-202208-2724date:2022-08-15T00:00:00
db:NVDid:CVE-2022-33931date:2022-08-13T00:13:56.207

SOURCES RELEASE DATE

db:VULHUBid:VHN-426123date:2022-08-10T00:00:00
db:JVNDBid:JVNDB-2022-014402date:2023-09-19T00:00:00
db:CNNVDid:CNNVD-202208-2724date:2022-08-10T00:00:00
db:NVDid:CVE-2022-33931date:2022-08-10T17:15:09.167