Silver-peak : Security vulnerabilities, CVEs directory traversal

Copy

CVE-2020-12147

In Silver Peak Unity Orchestrator versions prior to 8.9.11+, 8.10.11+, or 9.0.1+, an authenticated user can make unauthorized MySQL queries against the Orchestrator database using the /sqlExecution REST API, which had been used for internal testing.

Max CVSS

8.8

EPSS Score

0.13%

Published

2020-11-05

Updated

2020-11-12

CVE-2020-12146

In Silver Peak Unity Orchestrator versions prior to 8.9.11+, 8.10.11+, or 9.0.1+, an authenticated user can access, modify, and delete restricted files on the Orchestrator server using the/debugFiles REST API.

Max CVSS

8.8

EPSS Score

0.13%

Published

2020-11-05

Updated

2020-11-12

CVE-2019-16105

Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows ..%2f directory traversal via a rest/json/configdb/download/ URI.

Max CVSS

4.9

EPSS Score

0.09%

Published

2019-09-08

Updated

2019-09-09

3 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!