CVE-2021-21586
CVE-2021-21586
In short
Wyse Management Suite allows authenticated users to read any file on the system by bypassing file access restrictions. An attacker with login credentials could view sensitive information like passwords or configuration files.
Technical detail
Absolute path traversal vulnerability in Wyse Management Suite ≤3.2 enables authenticated attackers to read arbitrary files via improper path validation. Attack vector requires valid credentials; impact includes unauthorized information disclosure of system files.
Summary generated and translated by AI from the official description.
Wyse Management Suite versions 3.2 and earlier contain an absolute path traversal vulnerability. A remote authenticated malicious user could exploit this vulnerability in order to read arbitrary files on the system.
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
Dell · Wyse Management SuiteWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →