Skip to main content

Wyse Management Suite CVE-2025-36578

| EUVDEUVD-2025-17759 MEDIUM
Incorrect Authorization (CWE-863)
2025-06-10 security_alert@emc.com
6.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
6.8 MEDIUM
AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
Attack Vector
Network
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
None

Lifecycle Timeline

4
Patch available
Apr 16, 2026 - 05:29 EUVD
5.2
EUVD ID Assigned
Mar 14, 2026 - 19:49 euvd
EUVD-2025-17759
Analysis Generated
Mar 14, 2026 - 19:49 vuln.today
CVE Published
Jun 10, 2025 - 18:15 nvd
MEDIUM 6.8

DescriptionCVE.org

Dell Wyse Management Suite, versions prior to WMS 5.2, contain an Incorrect Authorization vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access.

Analysis

Dell Wyse Management Suite, versions prior to WMS 5.2, contain an Incorrect Authorization vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access.

Technical ContextAI

This vulnerability is classified as Incorrect Authorization (CWE-863).

RemediationAI

Monitor vendor advisories for patches. Apply mitigations such as network segmentation, access restrictions, and monitoring.

CVE-2026-41120 CRITICAL
9.8 Jun 25

Remote code execution affects Dell Wyse Management Suite in all versions prior to WMS 5.5 HF1, stemming from the applica

CVE-2026-22765 HIGH
8.8 Feb 24

Dell Wyse Management Suite versions prior to 5.5 suffer from improper access controls that allow authenticated remote at

CVE-2025-36574 HIGH
8.2 Jun 10

Dell Wyse Management Suite versions prior to 5.2 contain an Absolute Path Traversal vulnerability (CWE-36) that allows u

CVE-2025-29981 HIGH
7.5 Apr 02

Dell Wyse Management Suite, versions prior to WMS 5.1, contains an Exposure of Sensitive Information Through Data Querie

CVE-2025-36575 HIGH
7.5 Jun 10

A information disclosure vulnerability in an Exposure of Sensitive Information (CVSS 7.5). High severity vulnerability r

CVE-2026-49506 HIGH
7.2 Jun 25

Remote code execution in Dell Wyse Management Suite (versions prior to WMS 5.5 HF1) is reachable through a path traversa

CVE-2026-22766 HIGH
7.2 Feb 24

Remote code execution in Dell Wyse Management Suite versions before 5.5 via unrestricted file upload allows high-privile

CVE-2025-29982 MEDIUM
6.8 Apr 02

Dell Wyse Management Suite, versions prior to WMS 5.1, contains an Insecure Inherited Permissions vulnerability. Rated m

CVE-2025-36577 MEDIUM
6.1 Jun 10

Dell Wyse Management Suite, versions prior to WMS 5.2, contain an Improper Neutralization of Input During Web Page Gener

CVE-2025-36580 MEDIUM
6.1 Jun 10

Dell Wyse Management Suite, versions prior to WMS 5.2, contain an Improper Neutralization of Input During Web Page Gener

CVE-2026-23858 MEDIUM
5.4 Feb 24

Dell Wyse Management Suite versions before 5.5 contain a cross-site scripting (XSS) vulnerability that allows authentica

CVE-2025-27694 MEDIUM
5.3 Apr 02

Dell Wyse Management Suite, versions prior to WMS 5.1, contains an Insufficient Resource Pool vulnerability. Rated mediu

Share

CVE-2025-36578 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy