Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2024-22247
HistoryApr 02, 2024 - 4:15 p.m.

CVE-2024-22247

2024-04-0216:15:07
CWE-287
[email protected]
web.nvd.nist.gov
4
vmware
sd-wan edge
authentication
vulnerability
bios
configuration
boot priority

CVSS3

4.8

Attack Vector

PHYSICAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H

AI Score

5

Confidence

High

EPSS

0

Percentile

9.0%

JSON

VMware SD-WAN Edge contains a missing authentication and protection mechanism vulnerability.

A malicious actor with physical access to the SD-WAN Edge appliance
during activation can potentially exploit this vulnerability to access
the BIOS configuration. In addition, the malicious actor may be able to
exploit the default boot priority configured.

Related

vulnrichment 1
cve 1
cvelist 1
vmware 1
vulnrichment
vulnrichment
CVE-2024-22247
2024-04-02 15:49:41
cve
cve
CVE-2024-22247
2024-04-02 16:15:07
cvelist
cvelist
CVE-2024-22247
2024-04-02 15:49:41
vmware
vmware
VMware SD-WAN Edge and SD-WAN Orchestrator updates address multiple security vulnerabilities.
2024-04-02 00:00:00

CVSS3

4.8

Attack Vector

PHYSICAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H

AI Score

5

Confidence

High

EPSS

0

Percentile

9.0%

JSON
Related for NVD:CVE-2024-22247
vulnrichment1cve1cvelist1vmware1