Improper Authentication Vulnerability in Wyse Device Agent Version 14.6.1.4 and Below

Improper Authentication Vulnerability in Wyse Device Agent Version 14.6.1.4 and Below

CVE-2022-23156 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Wyse Device Agent version 14.6.1.4 and below contain an Improper Authentication vulnerability. A malicious user could potentially exploit this vulnerability by providing invalid input in order to obtain a connection to WMS server.

Learn more about our Cis Benchmark Audit For Server Software.