CVE-2026-23859
Received Received - Intake
Bypass Vulnerability in Dell Wyse Management Suite Prior to

Publication date: 2026-02-24

Last updated on: 2026-02-25

Assigner: Dell

Description
Dell Wyse Management Suite, versions prior to WMS 5.5, contain a Client-Side Enforcement of Server-Side Security vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability to Protection mechanism bypass.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-24
Last Modified
2026-02-25
Generated
2026-06-16
AI Q&A
2026-02-24
EPSS Evaluated
2026-06-15
NVD
CVE-2026-23859
EUVD
EUVD-2026-8561
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
dell wyse_management_suite to 5.5 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-602 The product is composed of a server that relies on the client to implement a mechanism that is intended to protect the server.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

The vulnerability exists in Dell Wyse Management Suite versions prior to WMS 5.5 and involves a Client-Side Enforcement of Server-Side Security flaw. This means that security controls intended to be enforced by the server are instead enforced on the client side, which can be bypassed by a high privileged attacker with remote access.

Impact Analysis

An attacker with high privileges and remote access could exploit this vulnerability to bypass protection mechanisms. This could lead to unauthorized actions or changes that the server-side security is supposed to prevent.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

I don't know

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-23859. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart