Update azure-vmware-solution-known-issues.md

Zsoldier · web-flow · commit 78c4e2f09a87 · 2025-06-16T11:00:44.000+09:00
Fixed grammatical issues.
diff --git a/articles/azure-vmware/azure-vmware-solution-known-issues.md b/articles/azure-vmware/azure-vmware-solution-known-issues.md
@@ -15,7 +15,7 @@ Refer to the table to find details about resolution dates or possible workaround
 
 |Issue | Date discovered | Workaround | Date resolved |
 | :------------------------------------- | :------------ | :------------- | :------------- |
-| Creating stateful firewall rules associated with Azure VMware Solution default Tier-0 NSX-T causes unwanted behavior. | May 2025 | Azure VMware Solution deploys with a stateless NSX-T Tier-0 router.  As such, stateful firewall rules are incompatible even though the NSX-T UI may allow it.  Apply stateful services and/or firewall rules at the Tier-1 router. | N/A
+| Creating stateful gateway firewall rules associated with Azure VMware Solution default NSX-T tier-0 router causes unwanted/unexpected behavior. | May 2025 | Azure VMware Solution deploys with a stateless NSX-T tier-0 router.  As such, stateful firewall rules are incompatible even though the NSX-T UI may allow it.  Apply stateful services and/or firewall rules at the tier-1 router. | N/A
 | AV64 hosts running vSAN Express Storage Architecture (ESA), may see a High pNIC errors due to buffer overflows. [Getting alarm in relation to "High pNic error rate detected" on hosts in vSAN clusters when using Mellanox NICs](https://knowledge.broadcom.com/external/article/392333/getting-alarm-in-relation-to-high-pnic-e.html) | June 2025 |  The alert should be considered an informational message, since Microsoft manages the service. Select the **Reset to Green** link to clear it. |
 |[VMSA-2025-0012](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25738) Multiple vulnerabilities (CVE-2025-22243, CVE-2025-22244, CVE-2025-22245) have been identified in VMware NSX. | May 2025 | The vulnerability described in the Broadcom document does not apply to Azure VMware Solution due to existing compensating controls mitigate the risk of exploitation. | The upcoming version of NSX will include a patch to address this vulnerability. |
 |[VMSA-2025-0010](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25717) Multiple vulnerabilities (CVE-2025-41225, CVE-2025-41226, CVE-2025-41227, CVE-2025-41228) have been identified in VMware ESXi and vCenter Server. | May 2025 | Microsoft, in collaboration with Broadcom/VMware, has confirmed the applicability of these vulnerabilities to Azure VMware Solution (AVS). Existing security controls, including cloudadmin role restrictions and network isolation, are deemed to significantly mitigate the impact of these vulnerabilities prior to official patching. The vulnerabilities have been adjudicated with a combined adjusted Environmental Score of [6.8](https://www.first.org/cvss/calculator/3-1#CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H) within the Azure VMware Solution. Until the update is fully addressed, customers are advised to exercise additional caution when granting administrative access to guest virtual machines and to actively monitor any administrative activities performed on them. | N/A |
