CVE-2021-21532 is a vulnerability in Dell Wyse Thinos
Published on April 2, 2021

Dell Wyse ThinOS 8.6 MR9 contains remediation for an improper management server validation vulnerability that could be potentially exploited to redirect a client to an attacker-controlled management server, thus allowing the attacker to change the device configuration or certificate file.

NVD

Vulnerability Analysis

Attack Vector:

ADJACENT_NETWORK

Attack Complexity:

HIGH

Privileges Required:

NONE

User Interaction:

NONE

Scope:

UNCHANGED

Confidentiality Impact:

LOW

Integrity Impact:

LOW

Availability Impact:

LOW

Weakness Type

Configuration

Weaknesses in this category are typically introduced during the configuration of the software.

Products Associated with CVE-2021-21532

Want to know whenever a new CVE is published for Dell Wyse Thinos? stack.watch will email you.

Dell Wyse Thinos

Affected Versions

Dell Wyse Proprietary OS (ThinOS):

Version unspecified and below ThinOS 8.6 MR9 is affected.

Exploit Probability

EPSS

0.05%

Percentile

15.88%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.