Configuration

CVE-2021-21532

Medium

5/10

Summary

Dell Wyse ThinOS 8.6 MR9 contains remediation for an improper management server validation vulnerability that could be potentially exploited to redirect a client to an attacker-controlled management server, thus allowing the attacker to change the device configuration or certificate file.

Attack Complexity: HIGH
Attack Vector: ADJACENT_NETWORK
Integrity Impact: LOW
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: LOW
Availability Impact: LOW

CWE-16 - Configuration

Weaknesses in this category are typically introduced during the configuration of the software.

References

Advisory Timeline

Published Apr 02, 2021

Configuration

CVE-2021-21532

Summary

CWE-16 - Configuration

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS