Cybersecurity Alerts

VMware SD-WAN Edge by VeloCloud Command Injection Vulnerability

VMware SD-WAN Edge by VeloCloud contains a command injection vulnerability in the local web UI component. Successful exploitation of this issue could result in remote code execution.

Required Action

Apply updates per vendor instructions.

Weakness Classification

CWE-78

References

• https://nvd.nist.gov/vuln/detail/CVE-2018-6961