Silver-peak : Security Vulnerabilities, CVEs, (Directory traversal)
In Silver Peak Unity Orchestrator versions prior to 8.9.11+, 8.10.11+, or 9.0.1+, an authenticated user can make unauthorized MySQL queries against the Orchestrator database using the /sqlExecution REST API, which had been used for internal testing.
Max CVSS
8.8
EPSS Score
0.13%
Published
2020-11-05
Updated
2020-11-12
In Silver Peak Unity Orchestrator versions prior to 8.9.11+, 8.10.11+, or 9.0.1+, an authenticated user can access, modify, and delete restricted files on the Orchestrator server using the/debugFiles REST API.
Max CVSS
8.8
EPSS Score
0.13%
Published
2020-11-05
Updated
2020-11-12
Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows ..%2f directory traversal via a rest/json/configdb/download/ URI.
Max CVSS
4.9
EPSS Score
0.09%
Published
2019-09-08
Updated
2019-09-09
3 vulnerabilities found