fkie_cve-2020-12144
Vulnerability from fkie_nvd
Published
2020-05-05 20:15
Modified
2024-11-21 04:59
Severity ?
6.0 (Medium) - CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:H/A:H
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
Summary
The certificate used to identify the Silver Peak Cloud Portal to EdgeConnect devices is not validated. This makes it possible for someone to establish a TLS connection from EdgeConnect to an untrusted portal.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:silver-peak:unity_edgeconnect_for_amazon_web_services:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABAD6DEA-2F2B-41E3-ADCA-08FAC616A88E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:silver-peak:unity_edgeconnect_for_azure:-:*:*:*:*:*:*:*",
"matchCriteriaId": "524DEFA6-6381-4ABC-9549-396B1FD60A62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:silver-peak:unity_edgeconnect_for_google_cloud_platform:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0BD97B84-E986-4BD3-BDA0-1B9E13D183F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:silver-peak:unity_orchestrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C770AE97-F96C-45B9-8F5A-F398E5ED9E13",
"versionEndExcluding": "8.9.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:silver-peak:vx-500_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CAEC335D-2F77-4E16-BCBE-F805260D4975",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arubanetworks:vx-500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B4A54E1-2C08-423C-99C2-D289EF360B22",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:silver-peak:vx-1000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B25DCA3-FFE8-4FCF-9C7C-0765F5E35317",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arubanetworks:vx-1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F645C96A-7A60-4724-A102-5B86684A4DF7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:silver-peak:vx-2000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A5B47D55-3156-4433-A380-B11F5AB2BB3D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arubanetworks:vx-2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E07EBC-2366-4369-AF75-90E12F34DE5D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:silver-peak:vx-3000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "169A83DF-A052-4EC2-9396-036AA0234C35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arubanetworks:vx-3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87FE30FB-F836-4D92-BAC2-CD3EABAE6F6E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:silver-peak:vx-5000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7A7F8C0-969B-430C-8B2B-30BCD3C64400",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arubanetworks:vx-5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B7E4523-018F-40B0-A600-C5CCC58C9914",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:silver-peak:vx-6000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD0BE9A9-FF36-4652-A122-3B3651958DEB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arubanetworks:vx-6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B913729C-2834-4FFD-B7A3-A96E96ECF10C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:silver-peak:vx-7000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EEFF5265-88F8-4637-BD72-6D7A19631ED2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arubanetworks:vx-7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE19BE53-00FB-400A-8F51-BFC5698C1779",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:silver-peak:vx-9000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC60C235-7BA2-48C2-B6B4-3099AA271E5F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arubanetworks:vx-9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "28CF057A-CD5E-4277-8A2E-8A8493143E61",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:silver-peak:vx-8000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02B86CCA-4367-44F9-A915-245532D799B4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arubanetworks:vx-8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F682E0F6-EF2E-486F-B046-F4E813E5A078",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:silver-peak:nx-700_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67036359-5CEC-43E8-9436-90D82DBC23D1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arubanetworks:nx-700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "204B5FB4-A1F7-445C-83C5-868A7BC698BA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:silver-peak:nx-1000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFC3B48D-74BF-422D-97C3-5EF3442DB315",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arubanetworks:nx-1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51EFE7DD-16A7-4F1A-BA7D-0C008CB46075",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:silver-peak:nx-2000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "110F488B-2169-41BE-A4B0-001D33F71C83",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arubanetworks:nx-2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6341B740-1EAD-4268-AF6C-F52191911FC8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:silver-peak:nx-3000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B50FEA-3BA8-4E42-A618-36D7524B5D06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arubanetworks:nx-3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F9DD803-1DEE-4D19-B111-2B323C574DF5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:silver-peak:nx-5000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A61BA34E-C1DA-4E1A-969B-88BABDD237AE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arubanetworks:nx-5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "787A5C1F-D14F-49E7-8CBF-3F8BA152A4B2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:silver-peak:nx-6000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "051A9816-3175-424F-AC08-B3D3726CFFED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arubanetworks:nx-6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8406F3C1-6D87-41E7-A158-78144B6D8EBD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:silver-peak:nx-7000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FBEEB980-A456-4EC2-9254-24CB59AD1CAB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arubanetworks:nx-7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F9716EB9-C00D-4964-B8B4-3BA5C044373E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:silver-peak:nx-8000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9A607F5E-CC24-4732-BBBD-A42316620F77",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arubanetworks:nx-8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0A7C903F-6AB3-4F66-B8DE-2203B034D9A2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:silver-peak:nx-9000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B21BB8F-B8AC-4595-8CDE-984651FB87B0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arubanetworks:nx-9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B72B1307-E5D3-4892-ADC7-896C676F4275",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:silver-peak:nx-10k_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D017AD85-C92F-4F47-8442-66E2B3F5DF0C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arubanetworks:nx-10k:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF3ABCC1-C71B-450C-9654-DF3324AE3859",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:silver-peak:nx-11k_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D60F6AB-1DC2-4E0C-AFE5-3D5E2E5EB252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arubanetworks:nx-11k:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D388409D-5270-41AD-8755-74B2EDF6C9BC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The certificate used to identify the Silver Peak Cloud Portal to EdgeConnect devices is not validated. This makes it possible for someone to establish a TLS connection from EdgeConnect to an untrusted portal."
},
{
"lang": "es",
"value": "El certificado usado para identificar el Silver Cloud Portal para dispositivos EdgeConnect no es validado. Esto hace posible que alguien establezca una conexi\u00f3n TLS desde EdgeConnect a un portal no confiable."
}
],
"id": "CVE-2020-12144",
"lastModified": "2024-11-21T04:59:21.143",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.5,
"impactScore": 5.5,
"source": "sirt@silver-peak.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-05-05T20:15:12.200",
"references": [
{
"source": "sirt@silver-peak.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.silver-peak.com/sites/default/files/advisory/security_advisory_notice_rogue_portal-cve_2020_12144.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.silver-peak.com/sites/default/files/advisory/security_advisory_notice_rogue_portal-cve_2020_12144.pdf"
}
],
"sourceIdentifier": "sirt@silver-peak.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-295"
}
],
"source": "sirt@silver-peak.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-295"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…