CVE-2020-3973

The VeloCloud Orchestrator does not apply correct input validation which allows for blind SQL-injection. A malicious actor with tenant access to Velocloud Orchestrator could enter specially crafted SQL queries and obtain data to which they are not privileged...

Security Advisory 0130

Security Advisory 0130 PDF Date: December 23, 2025 Revision | Date | Changes ---|---|--- 1.0 | October 16, 2019 | Initial release 1.1 | December 23, 2025 | Updated to Arista Format NOTICE: VeloCloud is now an Arista product. Arista Networks has reposted this advisory that was originally posted by...

Exploit for OS Command Injection in Vmware Nsx_Sd-Wan_By_Velocloud

CVE-2018-6961 Exploit in Python3 VMware NSX SD-WAN Edge by Ve...

PT-2018-17841 · Vmware · Vmware Nsx Sd-Wan Edge

Name of the Vulnerable Software and Affected Versions: VMware NSX SD-WAN Edge by VeloCloud versions prior to 3.1.0 Description: The local web UI component of the software contains a command injection issue. This component is disabled by default and should not be enabled on untrusted networks. The...

Security Advisory 0129

Security Advisory 0129 PDF Date: December 23, 2025 Revision | Date | Changes ---|---|--- 1.0 | May 13, 2018 | Initial release 1.1 | December 23, 2025 | Updated to Arista Format NOTICE: VeloCloud is now an Arista product. Arista Networks has reposted this advisory that was originally posted by...