CVE-2024-49596

Name of the Vulnerable Software and Affected Versions: Dell Wyse Management Suite versions WMS 4.4 and prior

Description: The issue is related to a missing authorization procedure in the hybrid cloud solution for managing thin clients. This could allow a remote attacker to cause a denial of service and delete arbitrary files. A high-privileged attacker with remote access could potentially exploit this, leading to significant system disruption.

Recommendations: For versions WMS 4.4 and prior, consider restricting remote access to minimize the risk of exploitation until a patch is available. As a temporary workaround, limit the privileges of remote users to reduce the potential impact of the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.