10 matches found
CVE-2020-12142
1. IPSec UDP key material can be retrieved from machine-to-machine interfaces and human-accessible interfaces by a user with admin credentials. Such a user, with the required system knowledge, could use this material to decrypt in-flight communication. 2. The vulnerability requires administrative...
EUVD-2020-4457
Malware in sbrugna...
EUVD-2020-4463
Malware in sbrugna...
CVE-2020-12148
A command injection flaw identified in the nslookup API in Silver Peak Unity ECOSTM ECOS appliance software could allow an attacker to execute arbitrary commands with the privileges of the web server running on the EdgeConnect appliance. An attacker could exploit this vulnerability to establish a...
CVE-2020-12149
The configuration backup/restore function in Silver Peak Unity ECOSTM ECOS appliance software was found to directly incorporate the user-controlled config filename in a subsequent shell command, allowing an attacker to manipulate the resulting command by injecting valid OS command input. This...
CVE-2020-12148
CVE-2020-12148 is a command injection flaw in the nslookup API of Silver Peak Unity ECOS appliances. The vulnerability allows an attacker with authenticated access to the Orchestrator UI or EdgeConnect UI to run arbitrary commands with the web server’s privileges, potentially taking control of th...
CVE-2020-12148 OS Command Injection - nslookup API
A command injection flaw identified in the nslookup API in Silver Peak Unity ECOSTM ECOS appliance software could allow an attacker to execute arbitrary commands with the privileges of the web server running on the EdgeConnect appliance. An attacker could exploit this vulnerability to establish a...
PT-2020-6945 · Silver Peak · Silver Peak Unity Ecostm
Name of the Vulnerable Software and Affected Versions: Silver Peak Unity ECOSTM ECOS versions prior to 8.1.9.15 Silver Peak Unity ECOSTM ECOS versions prior to 8.3.0.8 Silver Peak Unity ECOSTM ECOS versions prior to 8.3.1.2 Silver Peak Unity ECOSTM ECOS versions prior to 8.3.2.0 Silver Peak Unity...
CVE-2020-12142
IPSec UDP key material can be retrieved from machine-to-machine interfaces and human-accessible interfaces by a user with admin credentials. Such a user, with the required system knowledge, could use this material to decrypt in-flight communication. 2. The vulnerability requires administrative...
CVE-2019-16102
Silver Peak EdgeConnect SD-WAN before 8.1.7.x has an SNMP service with a public value for rocommunity and trapcommunity...