fkie_cve-2020-12142
Vulnerability from fkie_nvd
Published
2020-05-05 20:15
Modified
2024-11-21 04:59
Severity ?
4.8 (Medium) - CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:L/A:N
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Summary
1. IPSec UDP key material can be retrieved from machine-to-machine interfaces and human-accessible interfaces by a user with admin credentials. Such a user, with the required system knowledge, could use this material to decrypt in-flight communication. 2. The vulnerability requires administrative access and shell access to the EdgeConnect appliance. An admin user can access IPSec seed and nonce parameters using the CLI, REST APIs, and the Linux shell.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:silver-peak:unity_edgeconnect_for_amazon_web_services:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABAD6DEA-2F2B-41E3-ADCA-08FAC616A88E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:silver-peak:unity_edgeconnect_for_azure:-:*:*:*:*:*:*:*",
"matchCriteriaId": "524DEFA6-6381-4ABC-9549-396B1FD60A62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:silver-peak:unity_edgeconnect_for_google_cloud_platform:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0BD97B84-E986-4BD3-BDA0-1B9E13D183F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:silver-peak:unity_orchestrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C770AE97-F96C-45B9-8F5A-F398E5ED9E13",
"versionEndExcluding": "8.9.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:silver-peak:vx-500_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CAEC335D-2F77-4E16-BCBE-F805260D4975",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arubanetworks:vx-500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B4A54E1-2C08-423C-99C2-D289EF360B22",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:silver-peak:vx-1000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B25DCA3-FFE8-4FCF-9C7C-0765F5E35317",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arubanetworks:vx-1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F645C96A-7A60-4724-A102-5B86684A4DF7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:silver-peak:vx-2000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A5B47D55-3156-4433-A380-B11F5AB2BB3D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arubanetworks:vx-2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E07EBC-2366-4369-AF75-90E12F34DE5D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:silver-peak:vx-3000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "169A83DF-A052-4EC2-9396-036AA0234C35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arubanetworks:vx-3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87FE30FB-F836-4D92-BAC2-CD3EABAE6F6E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:silver-peak:vx-5000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7A7F8C0-969B-430C-8B2B-30BCD3C64400",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arubanetworks:vx-5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B7E4523-018F-40B0-A600-C5CCC58C9914",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:silver-peak:vx-6000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD0BE9A9-FF36-4652-A122-3B3651958DEB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arubanetworks:vx-6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B913729C-2834-4FFD-B7A3-A96E96ECF10C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:silver-peak:vx-7000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EEFF5265-88F8-4637-BD72-6D7A19631ED2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arubanetworks:vx-7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE19BE53-00FB-400A-8F51-BFC5698C1779",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:silver-peak:vx-9000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC60C235-7BA2-48C2-B6B4-3099AA271E5F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arubanetworks:vx-9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "28CF057A-CD5E-4277-8A2E-8A8493143E61",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:silver-peak:vx-8000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02B86CCA-4367-44F9-A915-245532D799B4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arubanetworks:vx-8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F682E0F6-EF2E-486F-B046-F4E813E5A078",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:silver-peak:nx-700_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67036359-5CEC-43E8-9436-90D82DBC23D1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arubanetworks:nx-700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "204B5FB4-A1F7-445C-83C5-868A7BC698BA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:silver-peak:nx-1000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFC3B48D-74BF-422D-97C3-5EF3442DB315",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arubanetworks:nx-1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51EFE7DD-16A7-4F1A-BA7D-0C008CB46075",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:silver-peak:nx-2000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "110F488B-2169-41BE-A4B0-001D33F71C83",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arubanetworks:nx-2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6341B740-1EAD-4268-AF6C-F52191911FC8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:silver-peak:nx-3000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B50FEA-3BA8-4E42-A618-36D7524B5D06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arubanetworks:nx-3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F9DD803-1DEE-4D19-B111-2B323C574DF5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:silver-peak:nx-5000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A61BA34E-C1DA-4E1A-969B-88BABDD237AE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arubanetworks:nx-5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "787A5C1F-D14F-49E7-8CBF-3F8BA152A4B2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:silver-peak:nx-6000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "051A9816-3175-424F-AC08-B3D3726CFFED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arubanetworks:nx-6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8406F3C1-6D87-41E7-A158-78144B6D8EBD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:silver-peak:nx-7000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FBEEB980-A456-4EC2-9254-24CB59AD1CAB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arubanetworks:nx-7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F9716EB9-C00D-4964-B8B4-3BA5C044373E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:silver-peak:nx-8000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9A607F5E-CC24-4732-BBBD-A42316620F77",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arubanetworks:nx-8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0A7C903F-6AB3-4F66-B8DE-2203B034D9A2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:silver-peak:nx-9000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B21BB8F-B8AC-4595-8CDE-984651FB87B0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arubanetworks:nx-9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B72B1307-E5D3-4892-ADC7-896C676F4275",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:silver-peak:nx-10k_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D017AD85-C92F-4F47-8442-66E2B3F5DF0C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arubanetworks:nx-10k:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF3ABCC1-C71B-450C-9654-DF3324AE3859",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:silver-peak:nx-11k_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D60F6AB-1DC2-4E0C-AFE5-3D5E2E5EB252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arubanetworks:nx-11k:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D388409D-5270-41AD-8755-74B2EDF6C9BC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "1. IPSec UDP key material can be retrieved from machine-to-machine interfaces and human-accessible interfaces by a user with admin credentials. Such a user, with the required system knowledge, could use this material to decrypt in-flight communication. 2. The vulnerability requires administrative access and shell access to the EdgeConnect appliance. An admin user can access IPSec seed and nonce parameters using the CLI, REST APIs, and the Linux shell."
},
{
"lang": "es",
"value": "1. Un usuario con credenciales de administrador puede recuperar el material clave IPSec UDP de las interfaces m\u00e1quina a m\u00e1quina y las interfaces accesibles para humanos. Dicho usuario, con el conocimiento requerido del sistema, podr\u00eda usar este material para descifrar la comunicaci\u00f3n en vuelo. 2. La vulnerabilidad requiere acceso administrativo y acceso a shell en el dispositivo EdgeConnect. Un usuario administrador puede acceder a los par\u00e1metros seed y nonce de IPSec utilizando la CLI, las API REST y el shell de Linux."
}
],
"id": "CVE-2020-12142",
"lastModified": "2024-11-21T04:59:20.767",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.5,
"impactScore": 4.2,
"source": "sirt@silver-peak.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-05-05T20:15:12.057",
"references": [
{
"source": "sirt@silver-peak.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.silver-peak.com/sites/default/files/advisory/security_advisory_notice_ipsec_udp_key_material-cve_2020_12142.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.silver-peak.com/sites/default/files/advisory/security_advisory_notice_ipsec_udp_key_material-cve_2020_12142.pdf"
}
],
"sourceIdentifier": "sirt@silver-peak.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-668"
}
],
"source": "sirt@silver-peak.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-668"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…