Vulnerability Description
Dell Wyse ThinOS 2205 contains a Regular Expression Denial of Service Vulnerability in UI. An admin privilege attacker could potentially exploit this vulnerability, leading to denial-of-service.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dell | Wyse Thinos | < 9.3.2102 |
| Dell | Latitude 3420 | - |
| Dell | Optiplex 3000 Thin Client | - |
| Dell | Wyse 3040 Thin Client | - |
| Dell | Wyse 5070 Thin Client | - |
| Dell | Wyse 5470 All-In-One Thin Client | - |
| Dell | Wyse 5470 Mobile Thin Client | - |
Related Weaknesses (CWE)
References
- https://www.dell.com/support/kbdoc/en-us/000203376/dsa-2022-247-dell-wyse-thinosPatchVendor Advisory
- https://www.dell.com/support/kbdoc/en-us/000203376/dsa-2022-247-dell-wyse-thinosPatchVendor Advisory
FAQ
What is CVE-2022-34402?
CVE-2022-34402 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Dell Wyse ThinOS 2205 contains a Regular Expression Denial of Service Vulnerability in UI. An admin privilege attacker could potentially exploit this vulnerability, leading to denial-of-service.
How severe is CVE-2022-34402?
CVE-2022-34402 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-34402?
Check the references section above for vendor advisories and patch information. Affected products include: Dell Wyse Thinos, Dell Latitude 3420, Dell Optiplex 3000 Thin Client, Dell Wyse 3040 Thin Client, Dell Wyse 5070 Thin Client.