CVE-2020-12148

🗓️ 11 Dec 2020 15:24:23Reported by Silver PeakType

cve🔗 web.nvd.nist.gov📰️ 9 Media mentions👁 38 Views

Command injection flaw in nslookup API in Silver Peak Unity ECOSTM appliance software, leading to arbitrary command execution

Reporter	Title	Published	Views	Family All 7
Circl	CVE-2020-12148	11 Dec 202018:37	–	circl
CNNVD	Silver Peak Systems EdgeConnect Software Operating System Command Injection Vulnerability	11 Dec 202000:00	–	cnnvd
Cvelist	CVE-2020-12148 OS Command Injection - nslookup API	11 Dec 202015:24	–	cvelist
EUVD	EUVD-2020-4463	7 Oct 202500:30	–	euvd
NVD	CVE-2020-12148	11 Dec 202016:15	–	nvd
Prion	Command injection	11 Dec 202016:15	–	prion
Positive Technologies	PT-2020-6945 · Silver Peak · Silver Peak Unity Ecostm	11 Dec 202000:00	–	ptsecurity

NVD

Node

arubanetworks edgeconnect_enterpriseRange8.1–8.1.9.15

arubanetworks edgeconnect_enterpriseRange8.3.0–8.3.0.8

arubanetworks edgeconnect_enterpriseRange8.3.1–8.3.1.2

arubanetworks edgeconnect_enterpriseRange9.0–9.0.2.0

AND

arubanetworks vx-1000Match-

arubanetworks vx-2000Match-

arubanetworks vx-3000Match-

arubanetworks vx-500Match-

arubanetworks vx-5000Match-

arubanetworks vx-6000Match-

arubanetworks vx-7000Match-

arubanetworks vx-8000Match-

arubanetworks vx-9000Match-

arubanetworks nx-10700Match-

arubanetworks nx-11700Match-

arubanetworks nx-1700Match-

arubanetworks nx-2700Match-

arubanetworks nx-3700Match-

arubanetworks nx-5700Match-

arubanetworks nx-6700Match-

arubanetworks nx-700Match-

arubanetworks nx-7700Match-

arubanetworks nx-8700Match-

arubanetworks nx-9700Match-

[
  {
    "product": "ECOS",
    "vendor": "Silver Peak Systems, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "All current ECOS versions prior to 8.1.9.15"
      },
      {
        "status": "affected",
        "version": "8.3.0.8"
      },
      {
        "status": "affected",
        "version": "8.3.1.2"
      },
      {
        "status": "affected",
        "version": "8.3.2.0"
      },
      {
        "status": "affected",
        "version": "9.0.2.0"
      },
      {
        "status": "affected",
        "version": "and 9.1.0.0"
      }
    ]
  }
]

Source	Link
silver-peak	www.silver-peak.com/support/user-documentation/security-advisories

12 Dec 2024 18:19Current

7.2High risk

Vulners AI Score7.2

CVSS 3.16.8

CVSS 28.5

EPSS0.00251

CWE-78