{"containers":{"cna":{"affected":[{"product":"Wyse Management Suite","vendor":"Dell","versions":[{"lessThan":"3.7","status":"affected","version":"unspecified","versionType":"custom"}]}],"datePublic":"2022-07-18T00:00:00.000Z","descriptions":[{"lang":"en","value":"Dell Wyse Management Suite 3.6.1 and below contains a Sensitive Data Exposure vulnerability. A low privileged malicious user could potentially exploit this vulnerability in order to obtain credentials. The attacker may be able to use the exposed credentials to access the target device and perform unauthorized actions."}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":8.5,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"LOW","privilegesRequired":"LOW","scope":"CHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N","version":"3.1"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-317","description":"CWE-317: Cleartext Storage of Sensitive Information in GUI","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2022-08-10T16:30:27.000Z","orgId":"c550e75a-17ff-4988-97f0-544cde3820fe","shortName":"dell"},"references":[{"tags":["x_refsource_MISC"],"url":"https://www.dell.com/support/kbdoc/en-us/000201383/dsa-2022-134-dell-wyse-management-suite-security-update-for-multiple-vulnerabilities"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"secure@dell.com","DATE_PUBLIC":"2022-07-18","ID":"CVE-2022-29090","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Wyse Management Suite","version":{"version_data":[{"version_affected":"<","version_value":"3.7"}]}}]},"vendor_name":"Dell"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Dell Wyse Management Suite 3.6.1 and below contains a Sensitive Data Exposure vulnerability. A low privileged malicious user could potentially exploit this vulnerability in order to obtain credentials. The attacker may be able to use the exposed credentials to access the target device and perform unauthorized actions."}]},"impact":{"cvss":{"baseScore":8.5,"baseSeverity":"High","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N","version":"3.1"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-317: Cleartext Storage of Sensitive Information in GUI"}]}]},"references":{"reference_data":[{"name":"https://www.dell.com/support/kbdoc/en-us/000201383/dsa-2022-134-dell-wyse-management-suite-security-update-for-multiple-vulnerabilities","refsource":"MISC","url":"https://www.dell.com/support/kbdoc/en-us/000201383/dsa-2022-134-dell-wyse-management-suite-security-update-for-multiple-vulnerabilities"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-03T06:10:59.294Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_MISC","x_transferred"],"url":"https://www.dell.com/support/kbdoc/en-us/000201383/dsa-2022-134-dell-wyse-management-suite-security-update-for-multiple-vulnerabilities"}]}]},"cveMetadata":{"assignerOrgId":"c550e75a-17ff-4988-97f0-544cde3820fe","assignerShortName":"dell","cveId":"CVE-2022-29090","datePublished":"2022-08-10T16:30:27.158Z","dateReserved":"2022-04-12T00:00:00.000Z","dateUpdated":"2024-09-17T02:37:35.608Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}