VMware SD-WAN Vulnerability Let Attacker Bypass Authentication

An authentication bypass vulnerability exists in VMware SD-WAN (Edge). Upon successful exploitation, unauthorized attackers gain access to the application’s Diagnostic package under VMware SD-WAN Management.

“An unauthenticated attacker can download the Diagnostic bundle of the application under Management”, according to the VMware Security Advisory.

This vulnerability is tracked as CVE-2023-20899. With a maximum CVSSv3 base score of 5.3, the issue was rated in the “moderate severity range.”

This issue was reported to VMware by Marco Bruinenberg of Accenture.

VMware mentions that “This vulnerability affects Edge devices only and not the SD-WAN management console (VCO)”. For vulnerable VMware products, updates are available to fix this issue.

Details of the VMware SD-WAN Edges 

Software-Defined WAN (SD-WAN) reduces the total cost of ownership while resolving network complexity.

Through quick zero-touch provisioning, cloud administration, app performance optimization across any WAN link, managed on-ramps that speed up cloud adoption, and strong edge security, SD-WAN streamlines operations.

VMware SD-WAN Edges are enterprise-class zero-touch appliances that deliver secure, optimized connections to private, public, and hybrid apps, compute, and virtualized services.

The SD-WAN Edge executes functionality that receives ingress IP Packets over the SD-WAN UNI, decides how to handle them based on routing information, applicable policies, other service attributes, and knowledge of the UCSs, and if necessary, forwards them over one of the available UCS UNIs.

For businesses adopting cloud and SaaS, VMware SD-WAN combines industry-leading with robust security.

Organizations may automate and optimize connection, guarantee application performance, streamline operations, and hasten their LAN and WAN transformation journey by utilizing its special network of cloud services to chain or sequence multi-clouds.

VMware SD-WAN offers the best application and cloud access, safely and reliably, through a hyper-scale approach with 3000+ cloud service nodes spread over 100+ POPs internationally. It is available as a service and is supported by top telecom partners and hundreds of VARs globally.

Fixes Available

Upgrading to version 4.5.2 or 5.1 is advised to patch this vulnerability.


Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.