Vulnerabilities > Silver Peak > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-05 | CVE-2020-12147 | Path Traversal vulnerability in Silver-Peak Unity Orchestrator In Silver Peak Unity Orchestrator versions prior to 8.9.11+, 8.10.11+, or 9.0.1+, an authenticated user can make unauthorized MySQL queries against the Orchestrator database using the /sqlExecution REST API, which had been used for internal testing. | 8.8 |
| 2020-11-05 | CVE-2020-12146 | Path Traversal vulnerability in Silver-Peak Unity Orchestrator In Silver Peak Unity Orchestrator versions prior to 8.9.11+, 8.10.11+, or 9.0.1+, an authenticated user can access, modify, and delete restricted files on the Orchestrator server using the/debugFiles REST API. | 8.8 |
| 2019-09-08 | CVE-2019-16103 | Unspecified vulnerability in Silver-Peak Unity Edgeconnect Sd-Wan Firmware 8.1.4.965644 Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows privilege escalation (by administrators) from the menu to a root Bash OS shell via the spsshell feature. | 7.2 |
| 2019-09-08 | CVE-2019-16100 | Unspecified vulnerability in Silver-Peak Unity Edgeconnect Sd-Wan Firmware 8.1.4.965644 Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows remote attackers to trigger a web-interface outage via slow client-side HTTP traffic from a single source. | 7.5 |
| 2019-09-08 | CVE-2019-16099 | Cross-Site Request Forgery (CSRF) vulnerability in Silver-Peak Unity Edgeconnect Sd-Wan Firmware 8.1.4.965644 Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows CSRF via JSON data to a .swf file. | 8.8 |