CVE-2021-36341

Published: Dec 21, 2021Modified: Nov 21, 2024

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

Dell Wyse Device Agent version 14.5.4.1 and below contain a sensitive data exposure vulnerability. A local authenticated user with low privileges could potentially exploit this vulnerability in order to access sensitive information.

Affected (1)

Products: Dell: Wyse Device Agent

Dell

1 product

Wyse Device Agent

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Dell Wyse Device Agent	Up to 14.5.4.1

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (2)

https://www.dell.com/support/kbdoc/en-us/000193151

Source: security_alert@emc.com

PatchVendor Advisory

https://www.dell.com/support/kbdoc/en-us/000193151

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.