Rewterz Threat Advisory – CVE-2023-20899 – VMware SD-WAN (Edge) Vulnerability

Severity

Medium

Analysis Summary

CVE-2023-20899

VMware SD-WAN (Edge) could allow a remote attacker to obtain sensitive information, caused by improper authentication. An attacker could exploit this vulnerability to download the Diagnostic bundle of the application under VMware SD-WAN Management and use this information to launch further attacks against the affected system.

Impact

• Information Disclosure

Indicators Of Compromise

CVE

• CVE-2023-37450

Affected Vendors

VMware

Affected Products

• VMware SD-WAN (Edge) 5.0
• VMware SD-WAN (Edge) 4.5

Remediation

efer to VMware Security Advisory for patch, upgrade or suggested workaround information.

VMware Security Advisory