Vulnerabilities > CVE-2020-4002 - Unspecified vulnerability in VMWare Sd-Wan Orchestrator 3.3.2/3.4.0/4.0.0

047910
CVSS 7.2 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
HIGH
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
vmware

Summary

The SD-WAN Orchestrator 3.3.2 prior to 3.3.2 P3, 3.4.x prior to 3.4.4, and 4.0.x prior to 4.0.1 handles system parameters in an insecure way. An authenticated SD-WAN Orchestrator user with high privileges may be able to execute arbitrary code on the underlying operating system.

Vulnerable Configurations

Part Description Count
Application
Vmware
5