CVE-2022-23155: Malicious File Upload
First published: Thu Feb 17 2022(Updated: )
Dell Wyse Management Suite versions 2.0 through 3.5.2 contain an unrestricted file upload vulnerability. A malicious user with admin privileges can exploit this vulnerability in order to execute arbitrary code on the system.
Credit: security_alert@emc.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Dell Wyse Management Suite | >=2.0<=3.5.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for Dell Wyse Management Suite?
The vulnerability ID for Dell Wyse Management Suite is CVE-2022-23155.
What is the severity of CVE-2022-23155?
The severity of CVE-2022-23155 is critical with a CVSS score of 7.2.
How does Dell Wyse Management Suite versions 2.0 through 3.5.2 have an unrestricted file upload vulnerability?
Dell Wyse Management Suite versions 2.0 through 3.5.2 have an unrestricted file upload vulnerability that allows a malicious user with admin privileges to execute arbitrary code on the system.
Which versions of Dell Wyse Management Suite are affected by CVE-2022-23155?
Dell Wyse Management Suite versions 2.0 through 3.5.2 are affected by CVE-2022-23155.
How can I fix the unrestricted file upload vulnerability in Dell Wyse Management Suite?
To fix the unrestricted file upload vulnerability in Dell Wyse Management Suite, it is recommended to update to a version higher than 3.5.2.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/remedy
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/tags
- agent/description
- agent/source
- vendor/dell
- canonical/dell wyse management suite
- version/dell wyse management suite/2.0
- version/dell wyse management suite/3.5.2