Vulnerabilities > CVE-2023-20899 - Missing Authorization vulnerability in VMWare Sd-Wan Edge Firmware 4.5.0

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
network
low complexity
vmware
CWE-862

Summary

VMware SD-WAN (Edge) contains a bypass authentication vulnerability. An unauthenticated attacker can download the Diagnostic bundle of the application under VMware SD-WAN Management.

Vulnerable Configurations

Part Description Count
OS
Vmware
1
Hardware
Vmware
1

Common Weakness Enumeration (CWE)