CVE-2020-11022 CVE-2020-11023 Vulnerabilities reported on NSX NDR standalone Manager
search cancel

CVE-2020-11022 CVE-2020-11023 Vulnerabilities reported on NSX NDR standalone Manager

book

Article ID: 383556

calendar_today

Updated On:

Products

VMware vDefend Network Detection and Response

Issue/Introduction

Running a Vulnerability scan of the NSX NDR standalone Manager may report the jquery vulnerabilities CVE-2020-11022 CVE-2020-11023

Environment

This will happen on all current version of NSX NDR standalone Manager

Cause

This is a result of our use of jquery in our User Interface

Resolution

Unfortunately this is not something we can easily address in a timely manner. We will work to address this in the future, but it will take some time. The best approach to mitigate this would be to implement access controls on what IPs can access the Manager UI and CLI.