CVE-2022-46755
First published: Fri Feb 10 2023(Updated: )
Wyse Management Suite 3.8 and below contain an improper access control vulnerability. A authenticated malicious admin user can edit general client policy for which the user is not authorized.
Credit: security_alert@emc.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Dell Wyse Management Suite | <=3.8.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2022-46755 vulnerability?
CVE-2022-46755 is an improper access control vulnerability in Wyse Management Suite 3.8 and below, which allows an authenticated malicious admin user to edit general client policy without proper authorization.
Which software versions are affected by CVE-2022-46755?
Wyse Management Suite versions up to and including 3.8.0 are affected by CVE-2022-46755.
What is the severity of CVE-2022-46755?
CVE-2022-46755 has a severity rating of 4.9 (medium).
How can an attacker exploit CVE-2022-46755?
An attacker with administrative access can exploit CVE-2022-46755 by authenticating as an admin user and modifying general client policies without proper authorization.
Is there a security update available for CVE-2022-46755?
Yes, Dell has released a security update for CVE-2022-46755. Please refer to the Dell support website for more information.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/weakness
- agent/references
- agent/severity
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/tags
- agent/description
- agent/source
- vendor/dell
- canonical/dell wyse management suite
- version/dell wyse management suite/3.8.0