dark reading threat intel and cybersecurity news
Enterprise Vulnerabilities
From DHS/US-CERT’s National Vulnerability Database

CVE-2020-29491
PUBLISHED: 2021-01-04

Dell Wyse ThinOS 8.6 and prior versions contain an insecure default configuration vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to gain access to the sensitive information on the local network, leading to the potential compromise of impacted thin clien…

CVE-2020-29492
PUBLISHED: 2021-01-04

Dell Wyse ThinOS 8.6 and prior versions contain an insecure default configuration vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to access the writable file and manipulate the configuration of any target specific station.

CVE-2020-29496
PUBLISHED: 2021-01-04

Dell Wyse Management Suite versions prior to 3.1 contain a stored cross-site scripting vulnerability. A remote authenticated malicious user with high privileges could exploit this vulnerability to store malicious HTML or JavaScript code while creating the Enduser. When victim users access the submit…

CVE-2020-29497
PUBLISHED: 2021-01-04

Dell Wyse Management Suite versions prior to 3.1 contain a stored cross-site scripting vulnerability. A remote authenticated malicious user with low privileges could exploit this vulnerability to store malicious HTML or JavaScript code under the device tag. When victim users access the submitted dat…

CVE-2020-29498
PUBLISHED: 2021-01-04

Dell Wyse Management Suite versions prior to 3.1 contain an open redirect vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to redirect application users to arbitrary web URLs by tricking the victim users to click on maliciously crafted links. The vulnerab…