CVE-2024-22264

HIGH

VMware Avi Load Balancer - Privilege Escalation

Title source: llm

Description

VMware Avi Load Balancer contains a privilege escalation vulnerability. A malicious actor with admin privileges on VMware Avi Load Balancer can create, modify, execute and delete files as a root user on the host system.

References (1)

Core 1

Core References

Various Sources

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24219

Scores

CVSS v3 7.2

EPSS 0.0032

EPSS Percentile 55.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-269

Status published

Products (2)

VMware/VMware Avi Load Balancer 22.1.x - 22.1.6

VMware/VMware Avi Load Balancer 30.x.x - 30.2.1

Published May 08, 2024

Tracked Since Feb 18, 2026