CVE-2022-33927

MEDIUM

Dell Wyse Management Suite <3.6.1 - Session Fixation

Title source: llm

Description

Dell Wyse Management Suite 3.6.1 and below contains a Session Fixation vulnerability. A unauthenticated attacker could exploit this by taking advantage of a user with multiple active sessions in order to hijack a user's session.

References (1)

[Vendor Advisory] https://www.dell.com/support/kbdoc/en-us/000201383/dsa-2022-134-dell-wyse-management-suite-security-update-for-multiple-vulnerabilities

Scores

CVSS v3 5.4

EPSS 0.0039

EPSS Percentile 59.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

Details

CWE

CWE-384

Status published

Products (1)

dell/wyse_management_suite < 3.8.0

Published Aug 10, 2022

Tracked Since Feb 18, 2026