Filtered by vendor Silver-peak
Subscribe
Search
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-12146 | 1 Silver-peak | 1 Unity Orchestrator | 2020-11-12 | 6.5 MEDIUM | 8.8 HIGH |
| In Silver Peak Unity Orchestrator versions prior to 8.9.11+, 8.10.11+, or 9.0.1+, an authenticated user can access, modify, and delete restricted files on the Orchestrator server using the/debugFiles REST API. | |||||
| CVE-2020-12147 | 1 Silver-peak | 1 Unity Orchestrator | 2020-11-12 | 6.5 MEDIUM | 8.8 HIGH |
| In Silver Peak Unity Orchestrator versions prior to 8.9.11+, 8.10.11+, or 9.0.1+, an authenticated user can make unauthorized MySQL queries against the Orchestrator database using the /sqlExecution REST API, which had been used for internal testing. | |||||
| CVE-2019-16100 | 1 Silver-peak | 2 Unity Edgeconnect Sd-wan, Unity Edgeconnect Sd-wan Firmware | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows remote attackers to trigger a web-interface outage via slow client-side HTTP traffic from a single source. | |||||
| CVE-2019-16103 | 1 Silver-peak | 2 Unity Edgeconnect Sd-wan, Unity Edgeconnect Sd-wan Firmware | 2020-08-24 | 9.0 HIGH | 7.2 HIGH |
| Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows privilege escalation (by administrators) from the menu to a root Bash OS shell via the spsshell feature. | |||||
| CVE-2019-16099 | 1 Silver-peak | 2 Unity Edgeconnect Sd-wan, Unity Edgeconnect Sd-wan Firmware | 2019-09-09 | 6.8 MEDIUM | 8.8 HIGH |
| Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows CSRF via JSON data to a .swf file. | |||||