Dell Wyse ThinOS versions prior to 2303 (9.4.1141) contain a sensitive information disclosure vulnerability. An unauthenticated malicious user with local access to the device could exploit this vulnerability to read sensitive information written to the log files.
References
| Link | Resource |
|---|---|
| https://www.dell.com/support/kbdoc/en-us/000215864/dsa-2023-247 | Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
History
28 Jul 2023, 16:48
| Type | Values Removed | Values Added |
|---|---|---|
| References | (MISC) https://www.dell.com/support/kbdoc/en-us/000215864/dsa-2023-247 - Vendor Advisory | |
| CPE | cpe:2.3:h:dell:wyse_5470_mobile_thin_client:-:*:*:*:*:*:*:* cpe:2.3:o:dell:wyse_thinos:9.4.1141:*:*:*:*:*:*:* cpe:2.3:h:dell:wyse_5470_all-in-one_thin_client:-:*:*:*:*:*:*:* cpe:2.3:h:dell:latitude_3440:-:*:*:*:*:*:*:* cpe:2.3:h:dell:latitude_5440:-:*:*:*:*:*:*:* cpe:2.3:h:dell:latitude_3420:-:*:*:*:*:*:*:* cpe:2.3:h:dell:optiplex_3000_thin_client:-:*:*:*:*:*:*:* cpe:2.3:h:dell:optiplex_5400:-:*:*:*:*:*:*:* cpe:2.3:h:dell:wyse_3040_thin_client:-:*:*:*:*:*:*:* cpe:2.3:h:dell:wyse_5070_thin_client:-:*:*:*:*:*:*:* |
|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
| CWE | CWE-532 |
20 Jul 2023, 13:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-07-20 13:15
Updated : 2024-02-05 00:01
NVD link : CVE-2023-32446
Mitre link : CVE-2023-32446
CVE.ORG link : CVE-2023-32446
JSON object : View
Products Affected
dell
- optiplex_5400
- latitude_3420
- wyse_5470_mobile_thin_client
- latitude_3440
- latitude_5440
- wyse_thinos
- wyse_3040_thin_client
- wyse_5470_all-in-one_thin_client
- wyse_5070_thin_client
- optiplex_3000_thin_client