CyberSec.Space Logo
Back to CVE Browser

CVE-2021-21532

MEDIUM
5.0
CVSS Severity Score
EPSS Score0.1850%
EPSS Percentile0.32th
PublishedApr 2, 2021
Last ModifiedNov 21, 2024

Vulnerability Description

Dell Wyse ThinOS 8.6 MR9 contains remediation for an improper management server validation vulnerability that could be potentially exploited to redirect a client to an attacker-controlled management server, thus allowing the attacker to change the device configuration or certificate file.

Affected Platforms (CPE)

💻
Dell

Wyse Thinos

< 8.6
💻
Dell

Wyse Thinos

= 8.6

References & Advisories

🔗 https://www.dell.com/support/kbdoc/en-us/000184665/dsa-2021-069-dell-wyse-thinos-8-6-security-update-for-an-improper-management-server-validation-vulnerabilitydsa-2021-069-dell-wyse-thinos-8-6-security-update-for-an-improper-management-server-validation-
🔗 https://www.dell.com/support/kbdoc/en-us/000184665/dsa-2021-069-dell-wyse-thinos-8-6-security-update-for-an-improper-management-server-validation-vulnerabilitydsa-2021-069-dell-wyse-thinos-8-6-security-update-for-an-improper-management-server-validation-

Related Vulnerabilities

CVE-2020-2949110.0

Dell Wyse ThinOS 8.6 and prior versions contain an insecure default configuration vulnerability. A remote unauthenticated attacker...

CVE-2020-2949210.0

Dell Wyse ThinOS 8.6 and prior versions contain an insecure default configuration vulnerability. A remote unauthenticated attacker...

CVE-2010-303110.0

Buffer overflow in Wyse ThinOS HF 4.4.079i, and possibly other versions before ThinOS 6.5, allows remote attackers to cause a deni...

CVE-2021-215977.2

Dell Wyse ThinOS, version 9.0, contains a Sensitive Information Disclosure Vulnerability. An authenticated malicious user with phy...