Vmware · Sd-Wan Orchestrator · CVE-2020-4002
**Name of the Vulnerable Software and Affected Versions**
SD-WAN Orchestrator versions 3.3.2 through 3.3.2 P3
SD-WAN Orchestrator versions 3.4.x through 3.4.4
SD-WAN Orchestrator versions 4.0.x through 4.0.1
**Description**
The SD-WAN Orchestrator handles system parameters in an insecure way. An authenticated SD-WAN Orchestrator user with high privileges may be able to execute arbitrary code on the underlying operating system.
**Recommendations**
For SD-WAN Orchestrator version 3.3.2, update to version 3.3.2 P3 or later.
For SD-WAN Orchestrator version 3.4.x, update to version 3.4.4 or later.
For SD-WAN Orchestrator version 4.0.x, update to version 4.0.1 or later.