Vulnerability Description
Dell Wyse Management Suite 3.6.1 and below contains a Reflected Cross-Site Scripting Vulnerability in saveGroupConfigurations page. An authenticated attacker could potentially exploit this vulnerability, leading to the execution of malicious HTML or JavaScript code in a victim user's web browser in the context of the vulnerable web application. Exploitation may lead to information disclosure, session theft, or client-side request forgery.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dell | Wyse Management Suite | <= 3.6.1 |
Related Weaknesses (CWE)
References
- https://www.dell.com/support/kbdoc/en-us/000200215/dsa-2022-143-dell-wyse-manageVendor Advisory
- https://www.dell.com/support/kbdoc/en-us/000200215/dsa-2022-143-dell-wyse-manageVendor Advisory
FAQ
What is CVE-2022-29096?
CVE-2022-29096 is a vulnerability with a CVSS score of 6.1 (MEDIUM). Dell Wyse Management Suite 3.6.1 and below contains a Reflected Cross-Site Scripting Vulnerability in saveGroupConfigurations page. An authenticated attacker could potentially exploit this vulnerabili...
How severe is CVE-2022-29096?
CVE-2022-29096 has been rated MEDIUM with a CVSS base score of 6.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-29096?
Check the references section above for vendor advisories and patch information. Affected products include: Dell Wyse Management Suite.