Lucene search
+L

4 matches found

redhatcve
redhatcve
added 2025/05/22 5:47 p.m.8 views

CVE-2020-3984

The SD-WAN Orchestrator 3.3.2 prior to 3.3.2 P3 and 3.4.x prior to 3.4.4 does not apply correct input validation which allows for SQL-injection. An authenticated SD-WAN Orchestrator user may exploit a vulnerable API call using specially crafted SQL queries which may lead to unauthorized data acce...

6.5CVSS7.3AI score0.22367EPSS
Exploits0
cvelist
cvelist
added 2020/11/24 3:34 p.m.34 views

CVE-2020-3984

The SD-WAN Orchestrator 3.3.2 prior to 3.3.2 P3 and 3.4.x prior to 3.4.4 does not apply correct input validation which allows for SQL-injection. An authenticated SD-WAN Orchestrator user may exploit a vulnerable API call using specially crafted SQL queries which may lead to unauthorized data acce...

6.6AI score0.22367EPSS
Exploits0References1
cve
cve
added 2020/11/24 3:34 p.m.89 views

CVE-2020-3984

The CVE-2020-3984 issue affects SD-WAN Orchestrator (versions 3.3.2 prior to 3.3.2 P3 and 3.4.x prior to 3.4.4) where insufficient input validation permits SQL injection via a vulnerable API call by an authenticated user, potentially leading to unauthorized data access. This is corroborated in Re...

6.5CVSS7.1AI score0.22367EPSS
Exploits0References1Affected Software1
vmware
vmware
added 2020/11/18 12:0 a.m.60 views

VMware SD-WAN Orchestrator updates address multiple security vulnerabilities (CVE-2020-3984, CVE-2020-3985, CVE-2020-4000, CVE-2020-4001, CVE-2020-4002 ,CVE-2020-4003)

3a. SQL injection vulnerability due to improper input validation CVE-2020-3984 The SD-WAN Orchestrator does not apply correct input validation which allows for SQL-injection. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of...

7.5CVSS7.5AI score0.43017EPSS
Exploits0References13Affected Software1
Rows per page
Query Builder