Sensitive Data Exposure Vulnerability in Wyse Device Agent 14.6.1.4 and Below

Sensitive Data Exposure Vulnerability in Wyse Device Agent 14.6.1.4 and Below

CVE-2022-23158 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Wyse Device Agent version 14.6.1.4 and below contain a sensitive data exposure vulnerability. A local authenticated user with standard privilege could potentially exploit this vulnerability and provide incorrect port information and get connected to valid WMS server

Learn more about our Cis Benchmark Audit For Server Software.