CVE-2025-36578

Dell Wyse Management Suite, versions prior to WMS 5.2, contain an Incorrect Authorization vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access.

CVSS v3 6.8 MEDIUM

6.8^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.6 / Impact : 5.2

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://www.dell.com/support/kbdoc/en-us/000325679/dsa-2025-226

Configurations

No configuration.

History

12 Jun 2025, 16:06

Type	Values Removed	Values Added
Summary		(es) Dell Wyse Management Suite, versiones anteriores a WMS 5.2, contiene una vulnerabilidad de autorización incorrecta. Un atacante con privilegios reducidos y acceso remoto podría explotar esta vulnerabilidad, lo que provocaría un acceso no autorizado.

10 Jun 2025, 18:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-06-10 18:15

Updated : 2025-06-12 16:06

NVD link : CVE-2025-36578

Mitre link : CVE-2025-36578

CVE.ORG link : CVE-2025-36578

JSON object : View

Products Affected

No product.

CWE

CWE-863

Incorrect Authorization

6.8 /10