PT-2024-3861 · Vmware · Vmware Sd-Wan Edge
Saif Aziz
+1
·
Published
2024-04-02
·
Updated
2024-07-03
·
CVE-2024-22247
CVSS v3.1
4.8
Medium
| Vector | AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H |
Name of the Vulnerable Software and Affected Versions
VMware SD-WAN Edge (affected versions not specified)
Description
The issue is related to a missing authentication and protection mechanism in the VMware SD-WAN Edge appliance. A malicious actor with physical access to the appliance during activation can potentially exploit this to access the BIOS configuration. Additionally, the malicious actor may be able to exploit the default boot priority configured.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Vmware Sd-Wan Edge