TTCSIRT-119.051718: TT-CSIRT Advisory – VMware Security Updates

TTCSIRT-119.051718: TT-CSIRT Advisory – VMware Security Updates

VMware has released a security update stating that VMware NSX SD-WAN Edge by VeloCloud contains a command injection vulnerability in the local web UI component. This component is disabled by default and should not be enabled on untrusted networks as successful exploitation of this issue could result in remote code execution.

Further information on this vulnerability and how it can be mitigated can be found on VMWare Website at https://www.vmware.com/security/advisories/VMSA-2018-0011.html