CVE-2022-34365

MEDIUM

Dell Wyse Management Suite < 3.8.0 - Path Traversal in Device API

Title source: llm

Description

WMS 3.7 contains a Path Traversal Vulnerability in Device API. An attacker could potentially exploit this vulnerability, to gain unauthorized read access to the files stored on the server filesystem, with the privileges of the running web application.

References (1)

Core 1

Core References

Vendor Advisory x_refsource_misc

https://www.dell.com/support/kbdoc/en-us/000201383/dsa-2022-134-dell-wyse-management-suite-security-update-for-multiple-vulnerabilities

Scores

CVSS v3 6.5

EPSS 0.0048

EPSS Percentile 65.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-22

Status published

Products (1)

dell/wyse_management_suite < 3.8.0

Published Aug 10, 2022

Tracked Since Feb 18, 2026