VMware Avi Load Balancer contains an authorization bypass vulnerability. A malicious actor on the network can access a limited subset of the Avi Control Plane without proper authorization.
Affected versions:
32.1.1 (fixed in 32.1.2)
31.1.1 through 31.2.2 (fixed in 31.2.2-2p3)
30.1.1 through 30.2.6 (fixed in 30.2.7)
22.1.1 through 22.1.7 (fixed in 30.2.7)