VMware Avi Load Balancer contains an authentication bypass vulnerability. A malicious user with network access may be able to access the Avi Control plane by bypassing the authentication mechanism.
Affected versions:
31.1.1 through 31.2.2 (fixed in 31.2.2-2p3)
30.1.1 through 30.2.6 (fixed in 30.2.7)
22.1.1 through 22.1.7 (fixed in 30.2.7)
Metrics
Affected Vendors & Products
References
History
Sat, 18 Jul 2026 09:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | VMware Avi Load Balancer contains an authentication bypass vulnerability. A malicious user with network access may be able to access the Avi Control plane by bypassing the authentication mechanism. Affected versions: 31.1.1 through 31.2.2 (fixed in 31.2.2-2p3) 30.1.1 through 30.2.6 (fixed in 30.2.7) 22.1.1 through 22.1.7 (fixed in 30.2.7) | |
| Title | VMware Avi Load Balancer Authentication Bypass Vulnerability | |
| Weaknesses | CWE-287 | |
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: vmware
Published:
Updated: 2026-07-18T08:57:05.890Z
Reserved: 2026-05-20T10:00:57.076Z
Link: CVE-2026-47865
No data.
No data.
No data.
OpenCVE Enrichment
No data.