Vulnerabilidades en Silver Peak Systems, Inc.
8 resultadosCVE-2020-12146MEDIUMSilver Peak Unity OrchestratorTM subject to path traversal.EPSS 27.6%CVE-2020-12145MEDIUMSilver Peak Unity OrchestratorTM authentication can be subverted through manipulation of HTTP headers.EPSS 6.0%CVE-2020-12148MEDIUMOS Command Injection - nslookup APIEPSS 2.1%CVE-2020-12147MEDIUMUnauthorized queries against the Silver Peak Unity OrchestratorTM MySQL database.EPSS 1.5%CVE-2020-12149MEDIUMOS Command Injection - Management File UploadEPSS 1.3%CVE-2020-12142MEDIUMIPSec UDP key material can be retrieved from EdgeConnect by a user with admin credentialsEPSS 0.7%CVE-2020-12143MEDIUMThe certificate used to identify Orchestrator to EdgeConnect devices is not validatedEPSS 0.3%CVE-2020-12144MEDIUMThe certificate used to identify the Silver Peak Cloud Portal to EdgeConnect devices is not validatedEPSS 0.3%