PT-2023-23794 · Dell · Dell Wyse Thinos
Published
2023-07-20
·
Updated
2023-07-28
·
CVE-2023-32447
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Dell Wyse ThinOS versions prior to 2306 (9.4.2103)
Description
The issue allows a malicious user with local access to the device to read sensitive information written to the log files. This is a sensitive information disclosure issue.
Recommendations
For Dell Wyse ThinOS versions prior to 2306 (9.4.2103), update to version 2306 (9.4.2103) or later to resolve the issue. As a temporary workaround, consider restricting local access to the device to minimize the risk of exploitation.
Fix
Cleartext Storage of Sensitive Information
Insertion into Log File
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Dell Wyse Thinos