Lucene search
PRIOn knowledge basePRION:CVE-2020-12147HistoryNov 05, 2020 - 7:15 p.m.
Code injection
2020-11-0519:15:00
PRIOn knowledge base
www.prio-n.com
6
In Silver Peak Unity Orchestrator versions prior to 8.9.11+, 8.10.11+, or 9.0.1+, an authenticated user can make unauthorized MySQL queries against the Orchestrator database using the /sqlExecution REST API, which had been used for internal testing.
| CPE | Name | Operator | Version |
|---|---|---|---|
| unity_orchestrator | ge | 9.0 | |
| unity_orchestrator | lt | 9.0.1 | |
| unity_orchestrator | ge | 8.10 | |
| unity_orchestrator | lt | 8.10.11 | |
| unity_orchestrator | eq | < 8.9.11 |
Related
nvd
nvd
CVE-2020-12147
2020-11-05 19:15:12
dsquare
dsquare
Silver Peak Unity Orchestrator SQL Injection
2020-11-12 00:00:00
cvelist
cvelist
cve
cve
CVE-2020-12147
2020-11-05 19:15:12
threatpost
threatpost
Silver Peak SD-WAN Bugs Allow for Network Takeover
2020-11-11 21:04:06