CVE-2024-22444

Name of the Vulnerable Software and Affected Versions: EdgeConnect SD-WAN Orchestrator (affected versions not specified)

Description: A vulnerability within the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface. A successful exploit could allow an attacker to execute arbitrary script code in a victim's browser in the context of the affected interface. The issue exists due to inadequate protection of the web page structure.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.