Dell Wyse ThinOS 8.6 MR9 contains remediation for an improper management server validation vulnerability that could be potentially exploited to redirect a client to an attacker-controlled management server, thus allowing the attacker to change the device configuration or certificate file.
References
Configurations
Configuration 1 (hide)
|
History
13 Apr 2021, 19:07
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 5.8
v3 : 6.3 |
CPE | cpe:2.3:o:dell:wyse_thinos:8.6:-:*:*:*:*:*:* cpe:2.3:o:dell:wyse_thinos:*:*:*:*:*:*:*:* |
|
CWE | CWE-20 | |
References | (MISC) https://www.dell.com/support/kbdoc/en-us/000184665/dsa-2021-069-dell-wyse-thinos-8-6-security-update-for-an-improper-management-server-validation-vulnerabilitydsa-2021-069-dell-wyse-thinos-8-6-security-update-for-an-improper-management-server-validation- - Vendor Advisory |
02 Apr 2021, 22:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-04-02 22:15
Updated : 2023-12-10 13:55
NVD link : CVE-2021-21532
Mitre link : CVE-2021-21532
CVE.ORG link : CVE-2021-21532
JSON object : View
Products Affected
dell
- wyse_thinos