Vulnerability Description
Dell Wyse ThinOS versions prior to 2208 (9.3.2102) contain a sensitive information disclosure vulnerability. An unauthenticated malicious user with local access to the device could exploit this vulnerability to read sensitive information written to the log files.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dell | Wyse Thinos | <= 9.3.2102 |
| Dell | Latitude 3420 | - |
| Dell | Latitude 3440 | - |
| Dell | Latitude 5440 | - |
| Dell | Optiplex 3000 Thin Client | - |
| Dell | Optiplex 5400 | - |
| Dell | Wyse 3040 Thin Client | - |
| Dell | Wyse 5070 Thin Client | - |
| Dell | Wyse 5470 All-In-One Thin Client | - |
| Dell | Wyse 5470 Mobile Thin Client | - |
Related Weaknesses (CWE)
References
- https://www.dell.com/support/kbdoc/en-us/000215864/dsa-2023-247Vendor Advisory
- https://www.dell.com/support/kbdoc/en-us/000215864/dsa-2023-247Vendor Advisory
FAQ
What is CVE-2023-32455?
CVE-2023-32455 is a vulnerability with a CVSS score of 5.5 (MEDIUM). Dell Wyse ThinOS versions prior to 2208 (9.3.2102) contain a sensitive information disclosure vulnerability. An unauthenticated malicious user with local access to the device could exploit this vulne...
How severe is CVE-2023-32455?
CVE-2023-32455 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-32455?
Check the references section above for vendor advisories and patch information. Affected products include: Dell Wyse Thinos, Dell Latitude 3420, Dell Latitude 3440, Dell Latitude 5440, Dell Optiplex 3000 Thin Client.