CVSS: 8.5EPSS: 0%CPEs: 25EXPL: 0CVE-2020-12149 – OS Command Injection - Management File Upload
https://notcve.org/view.php?id=CVE-2020-12149
11 Dec 2020 — The configuration backup/restore function in Silver Peak Unity ECOSTM (ECOS) appliance software was found to directly incorporate the user-controlled config filename in a subsequent shell command, allowing an attacker to manipulate the resulting command by injecting valid OS command input. This vulnerability can be exploited by an attacker with authenticated access to the Orchestrator UI or EdgeConnect UI. This affects all ECOS versions prior to: 8.1.9.15, 8.3.0.8, 8.3.1.2, 8.3.2.0, 9.0.2.0, and 9.1.0.0. Se... • https://www.silver-peak.com/support/user-documentation/security-advisories • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 4.9EPSS: 0%CPEs: 44EXPL: 0CVE-2020-12142 – IPSec UDP key material can be retrieved from EdgeConnect by a user with admin credentials
https://notcve.org/view.php?id=CVE-2020-12142
05 May 2020 — 1. IPSec UDP key material can be retrieved from machine-to-machine interfaces and human-accessible interfaces by a user with admin credentials. Such a user, with the required system knowledge, could use this material to decrypt in-flight communication. 2. The vulnerability requires administrative access and shell access to the EdgeConnect appliance. An admin user can access IPSec seed and nonce parameters using the CLI, REST APIs, and the Linux shell. 1. • https://www.silver-peak.com/sites/default/files/advisory/security_advisory_notice_ipsec_udp_key_material-cve_2020_12142.pdf • CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 6.0EPSS: 0%CPEs: 44EXPL: 0CVE-2020-12144 – The certificate used to identify the Silver Peak Cloud Portal to EdgeConnect devices is not validated
https://notcve.org/view.php?id=CVE-2020-12144
05 May 2020 — The certificate used to identify the Silver Peak Cloud Portal to EdgeConnect devices is not validated. This makes it possible for someone to establish a TLS connection from EdgeConnect to an untrusted portal. El certificado usado para identificar el Silver Cloud Portal para dispositivos EdgeConnect no es validado. Esto hace posible que alguien establezca una conexión TLS desde EdgeConnect a un portal no confiable. • https://www.silver-peak.com/sites/default/files/advisory/security_advisory_notice_rogue_portal-cve_2020_12144.pdf • CWE-295: Improper Certificate Validation •
CVSS: 6.0EPSS: 0%CPEs: 44EXPL: 0CVE-2020-12143 – The certificate used to identify Orchestrator to EdgeConnect devices is not validated
https://notcve.org/view.php?id=CVE-2020-12143
05 May 2020 — The certificate used to identify Orchestrator to EdgeConnect devices is not validated, which makes it possible for someone to establish a TLS connection from EdgeConnect to an untrusted Orchestrator. El certificado utilizado para identificar Orchestrator a los dispositivos EdgeConnect no está validado, lo que hace posible que alguien establezca una conexión TLS desde EdgeConnect a un Orchestrator no confiable. • https://www.silver-peak.com/sites/default/files/advisory/security_advisory_notice_rogue_orchestrator-cve_2020_12143.pdf • CWE-295: Improper Certificate Validation •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2019-16099
https://notcve.org/view.php?id=CVE-2019-16099
08 Sep 2019 — Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows CSRF via JSON data to a .swf file. Silver Peak EdgeConnect SD-WAN en versiones anteriores a la 8.1.7.x permite CSRF mediante datos JSON a un archivo .swf. • https://github.com/sdnewhop/sdwannewhope/blob/master/reports/Silverpeak%20EdgeConnect%20Multiple%20Vulnerabilities%20-%20032018.pdf • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2019-16100
https://notcve.org/view.php?id=CVE-2019-16100
08 Sep 2019 — Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows remote attackers to trigger a web-interface outage via slow client-side HTTP traffic from a single source. Silver Peak EdgeConnect SD-WAN en versiones anteriores a la 8.1.7.x permite a los atacantes remotos desencadenar una interrupción de la interfaz web mediante lento tráfico HTTP del lado del cliente desde una sola fuente. • https://github.com/sdnewhop/sdwannewhope/blob/master/reports/Silverpeak%20EdgeConnect%20Multiple%20Vulnerabilities%20-%20032018.pdf •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2019-16101
https://notcve.org/view.php?id=CVE-2019-16101
08 Sep 2019 — Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows remote attackers to obtain potentially sensitive stack traces by sending incorrect JSON data to the REST API, such as the rest/json/banners URI. Silver Peak EdgeConnect SD-WAN en versiones anteriores a la 8.1.7.x permite a los atacantes remotos obtener trazas de pila potencialmente sensibles mediante el envío de datos JSON incorrectos a la API REST, como el URI rest/json/banners. • https://github.com/sdnewhop/sdwannewhope/blob/master/reports/Silverpeak%20EdgeConnect%20Multiple%20Vulnerabilities%20-%20032018.pdf • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-16102
https://notcve.org/view.php?id=CVE-2019-16102
08 Sep 2019 — Silver Peak EdgeConnect SD-WAN before 8.1.7.x has an SNMP service with a public value for rocommunity and trapcommunity. Silver Peak EdgeConnect SD-WAN en versiones anteriores a la 8.1.7.x tiene un servicio SNMP con un valor público para rocommunity y trapcommunity. • https://github.com/sdnewhop/sdwannewhope/blob/master/reports/Silverpeak%20EdgeConnect%20Multiple%20Vulnerabilities%20-%20032018.pdf • CWE-1188: Initialization of a Resource with an Insecure Default •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 1CVE-2019-16103
https://notcve.org/view.php?id=CVE-2019-16103
08 Sep 2019 — Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows privilege escalation (by administrators) from the menu to a root Bash OS shell via the spsshell feature. Silver Peak EdgeConnect SD-WAN anterior de la versión 8.1.7.x permite la escalada de privilegios (por parte de los administradores) desde el menú a un shell de Bash OS raíz a través de la función spsshell. • https://github.com/sdnewhop/sdwannewhope/blob/master/reports/Silverpeak%20EdgeConnect%20Multiple%20Vulnerabilities%20-%20032018.pdf •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 1CVE-2019-16104
https://notcve.org/view.php?id=CVE-2019-16104
08 Sep 2019 — Silver Peak EdgeConnect SD-WAN before 8.1.7.x has reflected XSS via the rest/json/configdb/download/ PATH_INFO. Silver Peak EdgeConnect SD-WAN anterior de la versión 8.1.7.x ha reflejado XSS a través del resto / json / configdb / download / PATH_INFO. • https://github.com/sdnewhop/sdwannewhope/blob/master/reports/Silverpeak%20EdgeConnect%20Multiple%20Vulnerabilities%20-%20032018.pdf • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •