Server-Side Request Forgery (SSRF) Vulnerability in EdgeConnect SD-WAN Orchestrator

Server-Side Request Forgery (SSRF) Vulnerability in EdgeConnect SD-WAN Orchestrator

CVE-2023-37440 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

A vulnerability in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an unauthenticated remote attacker to conduct a server-side request forgery (SSRF) attack. A successful exploit allows an attacker to enumerate information about the internal     structure of the EdgeConnect SD-WAN Orchestrator host leading to potential disclosure of sensitive information.

Learn more about our Web App Pen Testing.