Dell Wyse ThinOS versions prior to 2303 (9.4.1141) contain a sensitive information disclosure vulnerability. An unauthenticated malicious user with local access to the device could exploit this vulnerability to read sensitive information written to the log files.
References
| Link | Resource |
|---|---|
| https://www.dell.com/support/kbdoc/en-us/000215864/dsa-2023-247 | Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
History
28 Jul 2023, 16:48
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | CWE-532 | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
| References | (MISC) https://www.dell.com/support/kbdoc/en-us/000215864/dsa-2023-247 - Vendor Advisory | |
| First Time |
Dell latitude 3420
Dell wyse 5470 All-in-one Thin Client Dell wyse Thinos Dell wyse 5470 Mobile Thin Client Dell latitude 5440 Dell optiplex 3000 Thin Client Dell wyse 3040 Thin Client Dell latitude 3440 Dell Dell wyse 5070 Thin Client Dell optiplex 5400 |
|
| CPE | cpe:2.3:h:dell:wyse_3040_thin_client:-:*:*:*:*:*:*:* cpe:2.3:h:dell:wyse_5470_mobile_thin_client:-:*:*:*:*:*:*:* cpe:2.3:h:dell:latitude_5440:-:*:*:*:*:*:*:* cpe:2.3:h:dell:wyse_5070_thin_client:-:*:*:*:*:*:*:* cpe:2.3:h:dell:optiplex_3000_thin_client:-:*:*:*:*:*:*:* cpe:2.3:h:dell:latitude_3420:-:*:*:*:*:*:*:* cpe:2.3:h:dell:wyse_5470_all-in-one_thin_client:-:*:*:*:*:*:*:* cpe:2.3:h:dell:latitude_3440:-:*:*:*:*:*:*:* cpe:2.3:o:dell:wyse_thinos:9.4.1141:*:*:*:*:*:*:* cpe:2.3:h:dell:optiplex_5400:-:*:*:*:*:*:*:* |
20 Jul 2023, 13:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-07-20 13:15
Updated : 2023-12-10 15:14
NVD link : CVE-2023-32446
Mitre link : CVE-2023-32446
CVE.ORG link : CVE-2023-32446
JSON object : View
Products Affected
dell
- wyse_3040_thin_client
- wyse_5070_thin_client
- latitude_5440
- wyse_thinos
- optiplex_5400
- latitude_3420
- wyse_5470_mobile_thin_client
- optiplex_3000_thin_client
- wyse_5470_all-in-one_thin_client
- latitude_3440