CVE-2021-21597

Dell Wyse ThinOS, version 9.0, contains a Sensitive Information Disclosure Vulnerability. An authenticated malicious user with physical access to the system could exploit this vulnerability to read sensitive information written to the log files.
References
Link Resource
https://www.dell.com/support/kbdoc/000189543 Patch Vendor Advisory
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:dell:wyse_thinos:9.0:*:*:*:*:*:*:*
cpe:2.3:o:dell:wyse_thinos:9.1:*:*:*:*:*:*:*
cpe:2.3:o:dell:wyse_thinos:9.1:mr1:*:*:*:*:*:*
OR cpe:2.3:h:dell:wyse_3040_thin_client:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:wyse_5070_thin_client:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:wyse_5470_thin_client:-:*:*:*:*:*:*:*

History

23 Aug 2021, 17:38

Type Values Removed Values Added
References (CONFIRM) https://www.dell.com/support/kbdoc/000189543 - (CONFIRM) https://www.dell.com/support/kbdoc/000189543 - Patch, Vendor Advisory
CVSS v2 : unknown
v3 : unknown
v2 : 2.1
v3 : 3.9
CWE CWE-532
CPE cpe:2.3:o:dell:wyse_thinos:9.1:*:*:*:*:*:*:*
cpe:2.3:h:dell:wyse_5070_thin_client:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:wyse_3040_thin_client:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:wyse_thinos:9.1:mr1:*:*:*:*:*:*
cpe:2.3:o:dell:wyse_thinos:9.0:*:*:*:*:*:*:*
cpe:2.3:h:dell:wyse_5470_thin_client:-:*:*:*:*:*:*:*

10 Aug 2021, 20:15

Type Values Removed Values Added
Summary Dell Wyse ThinOS, version 9.0, contains a Sensitive Information Disclosure Vulnerability. An authenticated malicious user with physical access to the system could exploit this vulnerability to read sensitive information written to the log files. Dell Wyse ThinOS, version 9.0, contains a Sensitive Information Disclosure Vulnerability. An authenticated malicious user with physical access to the system could exploit this vulnerability to read sensitive information written to the log files.

10 Aug 2021, 19:15

Type Values Removed Values Added
New CVE

Information

Published : 2021-08-10 19:15

Updated : 2024-02-04 21:47


NVD link : CVE-2021-21597

Mitre link : CVE-2021-21597

CVE.ORG link : CVE-2021-21597


JSON object : View

Products Affected

dell

  • wyse_3040_thin_client
  • wyse_5470_thin_client
  • wyse_5070_thin_client
  • wyse_thinos
CWE
CWE-532

Insertion of Sensitive Information into Log File