SB2026071487 - Multiple vulnerabilities in VMware Avi Load Balancer
Published: July 14, 2026
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 7 vulnerabilities.
1) Improper Authentication (CVE-ID: CVE-2026-47865)
CWE-ID: CWE-287 - Improper Authentication
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to bypass authentication and access the Avi Control plane.
The vulnerability exists due to improper authentication in the authentication mechanism when handling network requests to the Avi Control plane. A remote attacker can send crafted requests to bypass authentication and access the Avi Control plane.
2) Improper Authentication (CVE-ID: CVE-2026-47866)
CWE-ID: CWE-287 - Improper Authentication
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote user to bypass authentication and access a limited subset of the Avi Control Plane.
The vulnerability exists due to improper authentication in the authentication mechanism when handling network requests to the Avi Control Plane. A remote user can send crafted requests to bypass authentication and access a limited subset of the Avi Control Plane.
3) Code Injection (CVE-ID: CVE-2026-47867)
CWE-ID: CWE-94 - Improper Control of Generation of Code ('Code Injection')
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote user to execute arbitrary code.
The vulnerability exists due to an unspecified flaw in the Avi Control plane when handling network access to the Avi Control plane. A remote privileged user can access the Avi Control plane and execute code remotely to execute arbitrary code.
4) Improper privilege management (CVE-ID: CVE-2026-47868)
CWE-ID: CWE-269 - Improper Privilege Management
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local user to escalate privileges and run code as root.
The vulnerability exists due to an unspecified flaw in VMware Avi Load Balancer when handling local access. A local user can exploit the issue to escalate privileges and run code as root.
5) Code Injection (CVE-ID: CVE-2026-47869)
CWE-ID: CWE-94 - Improper Control of Generation of Code ('Code Injection')
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote user to execute arbitrary code.
The vulnerability exists due to code injection in VMware Avi Load Balancer when handling network requests. A remote privileged user can inject and execute code to execute arbitrary code.
6) Improper privilege management (CVE-ID: CVE-2026-47870)
CWE-ID: CWE-269 - Improper Privilege Management
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote user to execute arbitrary code.
The vulnerability exists due to improper privilege management in VMware Avi Load Balancer when handling network requests. A remote user can send crafted requests to execute remote code.
7) Path traversal (CVE-ID: CVE-2026-47871)
CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote user to perform directory traversal attacks.
The vulnerability exists due to path traversal in file path validation when handling user-supplied file paths. A remote user can supply crafted file paths to perform directory traversal attacks.
Remediation
Install update from vendor's website.
References
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37926
- https://www.first.org/cvss/calculator/3-1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- https://www.first.org/cvss/calculator/3-1#CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
- https://www.first.org/cvss/calculator/3-1#CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N
- https://www.first.org/cvss/calculator/3-1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- https://www.first.org/cvss/calculator/3-1#CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L
- https://www.first.org/cvss/calculator/3-1#CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H