Skip to main content

Wyse Management Suite CVE-2025-29982

MEDIUM
Insecure Inherited Permissions (CWE-277)
2025-04-02 security_alert@emc.com
6.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
6.8 MEDIUM
AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
Required
Scope
Unchanged
Confidentiality
Low
Integrity
High
Availability
High

Lifecycle Timeline

2
Analysis Generated
Mar 28, 2026 - 18:34 vuln.today
CVE Published
Apr 02, 2025 - 01:15 nvd
MEDIUM 6.8

DescriptionCVE.org

Dell Wyse Management Suite, versions prior to WMS 5.1, contains an Insecure Inherited Permissions vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access.

AnalysisAI

Dell Wyse Management Suite, versions prior to WMS 5.1, contains an Insecure Inherited Permissions vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-277. Dell Wyse Management Suite, versions prior to WMS 5.1, contains an Insecure Inherited Permissions vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access. Affected products include: Dell Wyse Management Suite.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2026-41120 CRITICAL
9.8 Jun 25

Remote code execution affects Dell Wyse Management Suite in all versions prior to WMS 5.5 HF1, stemming from the applica

CVE-2026-22765 HIGH
8.8 Feb 24

Dell Wyse Management Suite versions prior to 5.5 suffer from improper access controls that allow authenticated remote at

CVE-2025-36574 HIGH
8.2 Jun 10

Dell Wyse Management Suite versions prior to 5.2 contain an Absolute Path Traversal vulnerability (CWE-36) that allows u

CVE-2025-29981 HIGH
7.5 Apr 02

Dell Wyse Management Suite, versions prior to WMS 5.1, contains an Exposure of Sensitive Information Through Data Querie

CVE-2025-36575 HIGH
7.5 Jun 10

A information disclosure vulnerability in an Exposure of Sensitive Information (CVSS 7.5). High severity vulnerability r

CVE-2026-49506 HIGH
7.2 Jun 25

Remote code execution in Dell Wyse Management Suite (versions prior to WMS 5.5 HF1) is reachable through a path traversa

CVE-2026-22766 HIGH
7.2 Feb 24

Remote code execution in Dell Wyse Management Suite versions before 5.5 via unrestricted file upload allows high-privile

CVE-2025-36578 MEDIUM
6.8 Jun 10

Dell Wyse Management Suite, versions prior to WMS 5.2, contain an Incorrect Authorization vulnerability. A low privilege

CVE-2025-36577 MEDIUM
6.1 Jun 10

Dell Wyse Management Suite, versions prior to WMS 5.2, contain an Improper Neutralization of Input During Web Page Gener

CVE-2025-36580 MEDIUM
6.1 Jun 10

Dell Wyse Management Suite, versions prior to WMS 5.2, contain an Improper Neutralization of Input During Web Page Gener

CVE-2026-23858 MEDIUM
5.4 Feb 24

Dell Wyse Management Suite versions before 5.5 contain a cross-site scripting (XSS) vulnerability that allows authentica

CVE-2025-27694 MEDIUM
5.3 Apr 02

Dell Wyse Management Suite, versions prior to WMS 5.1, contains an Insufficient Resource Pool vulnerability. Rated mediu

Share

CVE-2025-29982 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy