CVE: Common Vulnerabilities and Exposures

Required CVE Record Information

Description

Dell WES Wyse Device Agent versions prior to 14.1.2.9 and Dell Wyse ThinLinux HAgent versions prior to 5.4.55 00.10 contain a buffer overflow vulnerability. An unauthenticated attacker may potentially exploit this vulnerability to execute arbitrary code on the system with privileges of the FTP client by sending specially crafted input data to the affected system. The FTP code that contained the vulnerability has been removed.

CVSS 1 Total

Learn more

Score	Severity	Version	Vector String
8.2	HIGH	3.0	CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:L

Product Status

Learn more

Versions 1 Total

Default Status: unknown

affected

Versions 1 Total

Default Status: unknown

affected

Credits

Dell would like to thank Jason Larsen of IOActive for reporting this vulnerability.

References 2 Total

Updated: 2024-08-04

This container includes required additional information provided by the CVE Program for this vulnerability.

References 2 Total

securityfocus.com: 107376
external site
vdb-entryx_transferred
https://www.dell.com/support/article/us/en/19/sln316391
external site
x_transferred

Common vulnerabilities and Exposures (CVE)

Required CVE Record Information

CNA: Dell EMC

Description

CVSS 1 Total

Product Status

Credits

References 2 Total

CVE Program

References 2 Total