CVE-2022-46678

Name of the Vulnerable Software and Affected Versions Wyse Management Suite versions 3.8 and below

Description The issue concerns an improper access control vulnerability. An authenticated malicious admin user can edit the general client policy for which the user is not authorized.

Recommendations For versions 3.8 and below, update to a version above 3.8 to resolve the issue. As a temporary workaround, consider restricting access to policy editing features to minimize the risk of exploitation.