Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 5:47 p.m.8 views

CVE-2020-3984

The SD-WAN Orchestrator 3.3.2 prior to 3.3.2 P3 and 3.4.x prior to 3.4.4 does not apply correct input validation which allows for SQL-injection. An authenticated SD-WAN Orchestrator user may exploit a vulnerable API call using specially crafted SQL queries which may lead to unauthorized data acce...

6.5CVSS7.3AI score0.22367EPSS
Exploits0
CVE
CVE
added 2020/11/24 3:34 p.m.88 views

CVE-2020-3984

The CVE-2020-3984 issue affects SD-WAN Orchestrator (versions 3.3.2 prior to 3.3.2 P3 and 3.4.x prior to 3.4.4) where insufficient input validation permits SQL injection via a vulnerable API call by an authenticated user, potentially leading to unauthorized data access. This is corroborated in Re...

6.5CVSS7.1AI score0.22367EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/11/24 3:34 p.m.31 views

CVE-2020-3984

The SD-WAN Orchestrator 3.3.2 prior to 3.3.2 P3 and 3.4.x prior to 3.4.4 does not apply correct input validation which allows for SQL-injection. An authenticated SD-WAN Orchestrator user may exploit a vulnerable API call using specially crafted SQL queries which may lead to unauthorized data acce...

6.6AI score0.22367EPSS
Exploits0References1
VMware
VMware
added 2020/11/18 12:0 a.m.57 views

VMware SD-WAN Orchestrator updates address multiple security vulnerabilities (CVE-2020-3984, CVE-2020-3985, CVE-2020-4000, CVE-2020-4001, CVE-2020-4002 ,CVE-2020-4003)

3a. SQL injection vulnerability due to improper input validation CVE-2020-3984 The SD-WAN Orchestrator does not apply correct input validation which allows for SQL-injection. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of...

7.5CVSS7.5AI score0.43017EPSS
Exploits0References13Affected Software1
Rows per page
Query Builder