CVE-2021-36337

Published: Dec 21, 2021Modified: Nov 21, 2024

7.4

Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Exploitability: 2.2 / Impact: 5.2

Source: NVD

Description

Dell Wyse Management Suite version 3.3.1 and prior support insecure Transport Security Protocols TLS 1.0 and TLS 1.1 which are susceptible to Man-In-The-Middle attacks thereby compromising Confidentiality and Integrity of data.

Affected (1)

Products: Dell: Wyse Management Suite

Dell

1 product

Wyse Management Suite

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Dell Wyse Management Suite	Up to 3.3.1

Related CWEs

CWE-326

Inadequate Encryption Strength

The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.

References (2)

https://www.dell.com/support/kbdoc/000193079

Source: security_alert@emc.com

PatchVendor Advisory

https://www.dell.com/support/kbdoc/000193079

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.