PT-2023-23817 · Dell · Wyse Management Suite
Published
2023-07-20
·
Updated
2023-07-26
·
CVE-2023-32483
CVSS v3.1
4.4
Medium
| Vector | AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Wyse Management Suite versions prior to 4.0
Description
The issue allows an authenticated malicious user with local access to the system to read sensitive information written to log files. This is achieved by exploiting a sensitive information disclosure vulnerability.
Recommendations
For Wyse Management Suite versions prior to 4.0, update to version 4.0 or later to resolve the issue. As a temporary workaround, consider restricting access to log files to minimize the risk of exploitation.
Fix
Cleartext Storage of Sensitive Information
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Wyse Management Suite