CVE-2020-29498

CVSS 6.1 MEDIUMEPSS 1.1%CWE-601

Vexday Risk Score

13Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 6.1EPSS 1.1%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

04 Jan 2021Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

Dell Wyse Management Suite versions prior to 3.1 contain an open redirect vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to redirect application users to arbitrary web URLs by tricking the victim users to click on maliciously crafted links. The vulnerability could be used to conduct phishing attacks that cause users to unknowingly visit malicious sites.

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Affected products

Dell · Wyse Management Suite

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.dell.com/support/kbdoc/en-us/000180983/dsa-2020-282