Dell Wyse Management Suite — known CVE vulnerabilities
Every CVE whose affected-product data names Dell Wyse Management Suite, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (58)
CVE-2021-36336 — CVSS 9.8 (critical): Wyse Management Suite 3.3.1 and below versions contain a deserialization vulnerability that could allow an unauthenticated attacker to…
CVE-2026-41120 — CVSS 9.8 (critical): Dell Wyse Management Suite, versions prior to WMS 5.5 HF1, contain an Acceptance of Extraneous Untrusted Data With Trusted Data…
CVE-2026-22765 — CVSS 8.8 (high): Dell Wyse Management Suite, versions prior to WMS 5.5, contain a Missing Authorization vulnerability. A low privileged attacker with remote…
CVE-2026-44272 — CVSS 8.8 (high): Dell Wyse Management Suite (WMS), versions prior to WMS 2605, contain an Improper Neutralization of Special Elements used in an SQL Command…
CVE-2022-46754 — CVSS 8.7 (high): Wyse Management Suite 3.8 and below contain an improper access control vulnerability. A authenticated malicious admin user might access…
CVE-2022-29090 — CVSS 8.5 (high): Dell Wyse Management Suite 3.6.1 and below contains a Sensitive Data Exposure vulnerability. A low privileged malicious user could…
CVE-2025-36574 — CVSS 8.2 (high): Dell Wyse Management Suite, versions prior to WMS 5.2, contain an Absolute Path Traversal vulnerability. An unauthenticated attacker with…
CVE-2021-21586 — CVSS 8.1 (high): Wyse Management Suite versions 3.2 and earlier contain an absolute path traversal vulnerability. A remote authenticated malicious user…
CVE-2026-44271 — CVSS 8.1 (high): Dell Wyse Management Suite (WMS), versions prior to WMS 2605, contain an Improper Neutralization of Special Elements used in an SQL Command…
CVE-2026-44274 — CVSS 7.8 (high): Dell Wyse Management Suite (WMS), versions prior to WMS 2605, contain an Improper Link Resolution Before File Access vulnerability. A low…
CVE-2018-11063 — CVSS 7.8 (high): Dell WMS versions 1.1 and prior are impacted by multiple unquoted service path vulnerabilities. Affected software installs multiple…
CVE-2024-49597 — CVSS 7.6 (high): Dell Wyse Management Suite, versions WMS 4.4 and prior, contain an Improper Restriction of Excessive Authentication Attempts vulnerability…
CVE-2024-49595 — CVSS 7.6 (high): Dell Wyse Management Suite, version WMS 4.4 and before, contain an Authentication Bypass by Capture-replay vulnerability. A high privileged…
CVE-2025-29981 — CVSS 7.5 (high): Dell Wyse Management Suite, versions prior to WMS 5.1, contains an Exposure of Sensitive Information Through Data Queries vulnerability. An…
CVE-2025-36575 — CVSS 7.5 (high): Dell Wyse Management Suite, versions prior to WMS 5.2, contain an Exposure of Sensitive Information Through Data Queries vulnerability. An…
CVE-2026-49506 — CVSS 7.2 (high): Dell Wyse Management Suite, versions prior to WMS 5.5 HF1, contain an Improper Limitation of a Pathname to a Restricted Directory ('Path…
CVE-2022-23155 — CVSS 7.2 (high): Dell Wyse Management Suite versions 2.0 through 3.5.2 contain an unrestricted file upload vulnerability. A malicious user with admin…
CVE-2026-22766 — CVSS 7.2 (high): Dell Wyse Management Suite, versions prior to WMS 5.5, contain an Unrestricted Upload of File with Dangerous Type vulnerability. A high…
CVE-2022-33926 — CVSS 7.1 (high): Dell Wyse Management Suite 3.6.1 and below contains an improper access control vulnerability. A remote malicious user could exploit this…
CVE-2025-36578 — CVSS 6.8 (medium): Dell Wyse Management Suite, versions prior to WMS 5.2, contain an Incorrect Authorization vulnerability. A low privileged attacker with…
CVE-2025-29982 — CVSS 6.8 (medium): Dell Wyse Management Suite, versions prior to WMS 5.1, contains an Insecure Inherited Permissions vulnerability. A low privileged attacker…
CVE-2022-46677 — CVSS 6.8 (medium): Wyse Management Suite 3.8 and below contain an improper access control vulnerability with which an custom group admin can create a subgroup…
CVE-2022-33925 — CVSS 6.5 (medium): Dell Wyse Management Suite 3.6.1 and below contains an Improper Access control vulnerability in UI. An remote authenticated attacker could…
CVE-2021-36337 — CVSS 6.5 (medium): Dell Wyse Management Suite version 3.3.1 and prior support insecure Transport Security Protocols TLS 1.0 and TLS 1.1 which are susceptible…
CVE-2022-34365 — CVSS 6.5 (medium): WMS 3.7 contains a Path Traversal Vulnerability in Device API. An attacker could potentially exploit this vulnerability, to gain…
CVE-2019-3770 — CVSS 6.4 (medium): Dell Wyse Management Suite versions prior to 1.4.1 contain a stored cross-site scripting vulnerability when unregistering a device. A…
CVE-2022-33928 — CVSS 6.4 (medium): Dell Wyse Management Suite 3.6.1 and below contains an Plain-text Password Storage Vulnerability in UI. An attacker with low privileges…
CVE-2019-3769 — CVSS 6.4 (medium): Dell Wyse Management Suite versions prior to 1.4.1 contain a stored cross-site scripting vulnerability. A remote authenticated malicious…
CVE-2022-33931 — CVSS 6.3 (medium): Dell Wyse Management Suite 3.6.1 and below contains an Improper Access control vulnerability in UI. An attacker with no access to Alert…
CVE-2020-29498 — CVSS 6.1 (medium): Dell Wyse Management Suite versions prior to 3.1 contain an open redirect vulnerability. A remote unauthenticated attacker could…
CVE-2022-33929 — CVSS 6.1 (medium): Dell Wyse Management Suite 3.6.1 and below contains a Reflected Cross-Site Scripting Vulnerability in EndUserSummary page. An authenticated…
CVE-2022-29096 — CVSS 6.1 (medium): Dell Wyse Management Suite 3.6.1 and below contains a Reflected Cross-Site Scripting Vulnerability in saveGroupConfigurations page. An…
CVE-2025-36580 — CVSS 6.1 (medium): Dell Wyse Management Suite, versions prior to WMS 5.2, contain an Improper Neutralization of Input During Web Page Generation ('Cross-site…
CVE-2025-36577 — CVSS 6.1 (medium): Dell Wyse Management Suite, versions prior to WMS 5.2, contain an Improper Neutralization of Input During Web Page Generation ('Cross-site…
CVE-2026-44273 — CVSS 6.0 (medium): Dell Wyse Management Suite (WMS), versions prior to WMS 2605, contain a Use of Default Credentials vulnerability. A high privileged…
CVE-2024-49596 — CVSS 5.9 (medium): Dell Wyse Management Suite, version WMS 4.4 and prior, contain a Missing Authorization vulnerability. A high privileged attacker with…
CVE-2022-33927 — CVSS 5.4 (medium): Dell Wyse Management Suite 3.6.1 and below contains a Session Fixation vulnerability. A unauthenticated attacker could exploit this by…
CVE-2026-23858 — CVSS 5.4 (medium): Dell Wyse Management Suite, versions prior to WMS 5.5, contain an Improper Neutralization of Input During Web Page Generation ('Cross-site…
CVE-2020-29497 — CVSS 5.4 (medium): Dell Wyse Management Suite versions prior to 3.1 contain a stored cross-site scripting vulnerability. A remote authenticated malicious user…
CVE-2022-46675 — CVSS 5.3 (medium): Wyse Management Suite Repository 3.8 and below contain an information disclosure vulnerability. A unauthenticated attacker could…
CVE-2021-21587 — CVSS 5.3 (medium): Dell Wyse Management Suite versions 3.2 and earlier contain a full path disclosure vulnerability. A local unauthenticated attacker could…
CVE-2025-27694 — CVSS 5.3 (medium): Dell Wyse Management Suite, versions prior to WMS 5.1, contains an Insufficient Resource Pool vulnerability. An unauthenticated attacker…
CVE-2025-27695 — CVSS 4.9 (medium): Dell Wyse Management Suite, versions prior to WMS 5.1 contain an Authentication Bypass by Spoofing vulnerability. A high privileged…
CVE-2022-29097 — CVSS 4.9 (medium): Dell WMS 3.6.1 and below contains a Path Traversal vulnerability in Device API. A remote attacker could potentially exploit this…
CVE-2023-32482 — CVSS 4.9 (medium): Wyse Management Suite versions prior to 4.0 contain an improper authorization vulnerability. An authenticated malicious user with…
CVE-2023-32481 — CVSS 4.9 (medium): Wyse Management Suite versions prior to 4.0 contain a denial-of-service vulnerability. An authenticated malicious user can flood the…
CVE-2022-46755 — CVSS 4.9 (medium): Wyse Management Suite 3.8 and below contain an improper access control vulnerability. A authenticated malicious admin user can edit general…
CVE-2022-46678 — CVSS 4.9 (medium): Wyse Management Suite 3.8 and below contain an improper access control vulnerability. A authenticated malicious admin user can edit general…
CVE-2022-46676 — CVSS 4.9 (medium): Wyse Management Suite 3.8 and below contain an improper access control vulnerability. A malicious admin user can disable or delete users…
CVE-2025-27693 — CVSS 4.9 (medium): Dell Wyse Management Suite, versions prior to WMS 5.1, contains an Improper Neutralization of Input During Web Page Generation ('Cross-site…
CVE-2020-29496 — CVSS 4.8 (medium): Dell Wyse Management Suite versions prior to 3.1 contain a stored cross-site scripting vulnerability. A remote authenticated malicious user…
CVE-2025-27692 — CVSS 4.7 (medium): Dell Wyse Management Suite, versions prior to WMS 5.1, contains an Unrestricted Upload of File with Dangerous Type vulnerability. A high…
CVE-2023-32483 — CVSS 4.4 (medium): Wyse Management Suite versions prior to 4.0 contain a sensitive information disclosure vulnerability. An authenticated malicious user…
CVE-2022-33924 — CVSS 4.3 (medium): Dell Wyse Management Suite 3.6.1 and below contains an Improper Access control vulnerability with which an attacker with no access to…
CVE-2022-33930 — CVSS 4.3 (medium): Dell Wyse Management Suite 3.6.1 and below contains Information Disclosure in Devices error pages. An attacker could potentially exploit…
CVE-2021-21533 — CVSS 4.3 (medium): Wyse Management Suite versions up to 3.2 contains a vulnerability wherein a malicious authenticated user can cause a denial of service in…
CVE-2025-36576 — CVSS 2.7 (low): Dell Wyse Management Suite, versions prior to WMS 5.2, contain a Cross-Site Request Forgery (CSRF) vulnerability. A high privileged…
CVE-2026-23859 — CVSS 2.7 (low): Dell Wyse Management Suite, versions prior to WMS 5.5, contain a Client-Side Enforcement of Server-Side Security vulnerability. A high…