CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-16102
https://notcve.org/view.php?id=CVE-2019-16102
Silver Peak EdgeConnect SD-WAN before 8.1.7.x has an SNMP service with a public value for rocommunity and trapcommunity. Silver Peak EdgeConnect SD-WAN en versiones anteriores a la 8.1.7.x tiene un servicio SNMP con un valor público para rocommunity y trapcommunity. • https://github.com/sdnewhop/sdwannewhope/blob/master/reports/Silverpeak%20EdgeConnect%20Multiple%20Vulnerabilities%20-%20032018.pdf • CWE-1188: Initialization of a Resource with an Insecure Default •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 1CVE-2019-16103
https://notcve.org/view.php?id=CVE-2019-16103
Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows privilege escalation (by administrators) from the menu to a root Bash OS shell via the spsshell feature. Silver Peak EdgeConnect SD-WAN anterior de la versión 8.1.7.x permite la escalada de privilegios (por parte de los administradores) desde el menú a un shell de Bash OS raíz a través de la función spsshell. • https://github.com/sdnewhop/sdwannewhope/blob/master/reports/Silverpeak%20EdgeConnect%20Multiple%20Vulnerabilities%20-%20032018.pdf •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 1CVE-2019-16104
https://notcve.org/view.php?id=CVE-2019-16104
Silver Peak EdgeConnect SD-WAN before 8.1.7.x has reflected XSS via the rest/json/configdb/download/ PATH_INFO. Silver Peak EdgeConnect SD-WAN anterior de la versión 8.1.7.x ha reflejado XSS a través del resto / json / configdb / download / PATH_INFO. • https://github.com/sdnewhop/sdwannewhope/blob/master/reports/Silverpeak%20EdgeConnect%20Multiple%20Vulnerabilities%20-%20032018.pdf • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0CVE-2019-16105
https://notcve.org/view.php?id=CVE-2019-16105
Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows ..%2f directory traversal via a rest/json/configdb/download/ URI. Silver Peak EdgeConnect SD-WAN en versiones anteriores a la 8.1.7.x permite un salto de directorio ..%2f mediante el URI rest/json/configdb/download/. • https://github.com/sdnewhop/sdwannewhope/blob/master/reports/Silverpeak%20EdgeConnect%20Multiple%20Vulnerabilities%20-%20032018.pdf • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2014-2975
https://notcve.org/view.php?id=CVE-2014-2975
Cross-site scripting (XSS) vulnerability in php/user_account.php in Silver Peak VX before 6.2.4 allows remote attackers to inject arbitrary web script or HTML via the user_id parameter. Vulnerabilidad de XSS en php/user_account.php en Silver Peak VX anterior a 6.2.4 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través del parámetro user_id. • http://www.kb.cert.org/vuls/id/867980 http://www.securityfocus.com/bid/68923 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •