CVE-2022-29097: Path Traversal
First published: Fri Jun 24 2022(Updated: )
Dell WMS 3.6.1 and below contains a Path Traversal vulnerability in Device API. A remote attacker could potentially exploit this vulnerability, to gain unauthorized read access to the files stored on the server filesystem, with the privileges of the running web application.
Credit: security_alert@emc.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Dell Wyse Management Suite | <=3.6.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this Dell WMS vulnerability?
The vulnerability ID for this Dell WMS vulnerability is CVE-2022-29097.
What is the severity of CVE-2022-29097?
The severity of CVE-2022-29097 is medium (4.9).
How does the Path Traversal vulnerability in Dell WMS work?
The Path Traversal vulnerability in Dell WMS allows a remote attacker to gain unauthorized read access to the files stored on the server filesystem, with the privileges of the running web application.
Which version of Dell Wyse Management Suite is affected by this vulnerability?
This vulnerability affects Dell Wyse Management Suite version 3.6.1 and below.
Is there a security update available for Dell WMS to fix this vulnerability?
Yes, Dell has released a security update to address this vulnerability. Please refer to the official Dell support website for more information.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- agent/severity
- agent/references
- agent/weakness
- agent/author
- agent/tags
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- vendor/dell
- canonical/dell wyse management suite
- version/dell wyse management suite/3.6.1