Lucene search
K

10 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:7 a.m.9 views

CVE-2020-12142

1. IPSec UDP key material can be retrieved from machine-to-machine interfaces and human-accessible interfaces by a user with admin credentials. Such a user, with the required system knowledge, could use this material to decrypt in-flight communication. 2. The vulnerability requires administrative...

4.9CVSS7AI score0.00722EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-4457

Malware in sbrugna...

4.9CVSS5.2AI score0.00722EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-4463

Malware in sbrugna...

8.5CVSS6.6AI score0.02058EPSS
Exploits0References2
NVD
NVD
added 2020/12/11 4:15 p.m.29 views

CVE-2020-12148

A command injection flaw identified in the nslookup API in Silver Peak Unity ECOSTM ECOS appliance software could allow an attacker to execute arbitrary commands with the privileges of the web server running on the EdgeConnect appliance. An attacker could exploit this vulnerability to establish a...

8.5CVSS7.2AI score0.02058EPSS
Exploits0References1
OSV
OSV
added 2020/12/11 4:15 p.m.3 views

CVE-2020-12149

The configuration backup/restore function in Silver Peak Unity ECOSTM ECOS appliance software was found to directly incorporate the user-controlled config filename in a subsequent shell command, allowing an attacker to manipulate the resulting command by injecting valid OS command input. This...

6.8CVSS6.6AI score0.01311EPSS
Exploits0References1
CVE
CVE
added 2020/12/11 3:24 p.m.49 views

CVE-2020-12148

CVE-2020-12148 is a command injection flaw in the nslookup API of Silver Peak Unity ECOS appliances. The vulnerability allows an attacker with authenticated access to the Orchestrator UI or EdgeConnect UI to run arbitrary commands with the web server’s privileges, potentially taking control of th...

8.5CVSS7.2AI score0.02058EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/12/11 3:24 p.m.33 views

CVE-2020-12148 OS Command Injection - nslookup API

A command injection flaw identified in the nslookup API in Silver Peak Unity ECOSTM ECOS appliance software could allow an attacker to execute arbitrary commands with the privileges of the web server running on the EdgeConnect appliance. An attacker could exploit this vulnerability to establish a...

6.8CVSS7.2AI score0.02058EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2020/12/11 12:0 a.m.6 views

PT-2020-6945 · Silver Peak · Silver Peak Unity Ecostm

Name of the Vulnerable Software and Affected Versions: Silver Peak Unity ECOSTM ECOS versions prior to 8.1.9.15 Silver Peak Unity ECOSTM ECOS versions prior to 8.3.0.8 Silver Peak Unity ECOSTM ECOS versions prior to 8.3.1.2 Silver Peak Unity ECOSTM ECOS versions prior to 8.3.2.0 Silver Peak Unity...

8.5CVSS8.4AI score0.02058EPSS
Exploits0References11
NVD
NVD
added 2020/05/05 8:15 p.m.23 views

CVE-2020-12142

IPSec UDP key material can be retrieved from machine-to-machine interfaces and human-accessible interfaces by a user with admin credentials. Such a user, with the required system knowledge, could use this material to decrypt in-flight communication. 2. The vulnerability requires administrative...

4.9CVSS5AI score0.00722EPSS
Exploits0References1
OSV
OSV
added 2019/09/08 5:15 p.m.5 views

CVE-2019-16102

Silver Peak EdgeConnect SD-WAN before 8.1.7.x has an SNMP service with a public value for rocommunity and trapcommunity...

9.8CVSS7.3AI score0.0154EPSS
Exploits0References1
Rows per page
Query Builder