CVE-2025-36576
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-06-10
Last updated on: 2025-07-11
Assigner: Dell
Description
Description
Dell Wyse Management Suite, versions prior to WMS 5.2, contain a Cross-Site Request Forgery (CSRF) vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Server-side request forgery.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| dell | wyse_management_suite | to 5.2 (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-352 | The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a Cross-Site Request Forgery (CSRF) issue in Dell Wyse Management Suite versions prior to 5.2. It allows a high privileged attacker with remote access to potentially exploit the system, leading to Server-side request forgery.
How can this vulnerability impact me? :
An attacker with high privileges and remote access could exploit this vulnerability to perform unauthorized server-side requests, which may lead to denial of service or other disruptions, as indicated by the low impact on confidentiality and integrity but some impact on availability.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70