CVE-2022-46754
First published: Fri Feb 10 2023(Updated: )
Wyse Management Suite 3.8 and below contain an improper access control vulnerability. A authenticated malicious admin user might access certain pro license features for which this admin is not authorized in order to configure user controlled external entities.
Credit: security_alert@emc.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Dell Wyse Management Suite | <=3.8.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2022-46754?
The severity of CVE-2022-46754 is high with a severity value of 6.5.
How does CVE-2022-46754 impact Wyse Management Suite?
CVE-2022-46754 impacts Wyse Management Suite 3.8 and below by allowing an authenticated malicious admin user to access certain pro license features that they are not authorized to use.
What is the affected software version for CVE-2022-46754?
The affected software version for CVE-2022-46754 is Wyse Management Suite up to and including version 3.8.0.
How can I fix CVE-2022-46754?
To fix CVE-2022-46754, users should apply the security update provided by Dell Wyse Management Suite. Details can be found in the reference link.
What is CWE-284?
CWE-284 refers to an Improper Access Control vulnerability, which is the type of vulnerability present in CVE-2022-46754.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/weakness
- agent/references
- agent/severity
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/tags
- agent/description
- agent/source
- vendor/dell
- canonical/dell wyse management suite
- version/dell wyse management suite/3.8.0