Known Vulnerabilities
CVE-2024-22247
VMware SD-WAN Edge contains a missing authentication and protection mechanism vulnerability. A malicious actor with physical access to the SD-WAN Edge appliance during activation can potentially exploit this vulnerability to access the BIOS configuration. In addition, the malicious actor may be able to exploit the default boot priority configured.
MEDIUM
CVSS 4.8
Published Apr 02, 2024
CVE-2024-22246
VMware SD-WAN Edge contains an unauthenticated command injection vulnerability potentially leading to remote code execution. A malicious actor with local access to the Edge Router UI during activation may be able to perform a command injection attack that could lead to full control of the router.
HIGH
CVSS 7.4
Published Apr 02, 2024