Vmware · Vmware Sd-Wan · CVE-2023-20899
**Name of the Vulnerable Software and Affected Versions**
VMware SD-WAN (Edge) (affected versions not specified)
**Description**
The issue is related to a bypass authentication vulnerability in the web interface of VMware SD-WAN Edge devices. This vulnerability is due to inadequate access control and can be exploited by a remote attacker to bypass security restrictions. As a result, an unauthenticated attacker can download the Diagnostic bundle, which contains configuration files, logs, and related events, potentially allowing them to read, modify, or delete data.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.