GCVE - cpe:2.3:o:silver-peak:vx-2000_firmware:-:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:o:silver-peak:vx-2000_firmware:-:*:*:*:*:*:*:*

part: o version: - update: *

Vendor	Silver Peak (`77cd4f1a-c733-53b7-a3b8-3b473b1d2953`)
Product	Vx 2000 Firmware (`0ad2a9ba-a8b2-5007-a1ca-4fc593308eec`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2020-12144`	vulnerable	2026-06-03 14:41:33.506084	The certificate used to identify the Silver Peak Cloud Portal to EdgeConnect devices is not validated MEDIUM (6) The certificate used to identify the Silver Peak Cloud Portal to EdgeConnect devices is not validated. This makes it possible for someone to establish a TLS connection from EdgeConnect to an untrusted portal. Published: 2020-05-05T19:54:00.000Z Updated: 2024-08-04T11:48:58.453Z Open on db.gcve.eu Reference links https://www.silver-peak.com/sites/default/files/advisory/security_advisory_notice_rogue_portal-cve_2020_12144.pdf	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-12143`	vulnerable	2026-06-03 14:41:33.499286	The certificate used to identify Orchestrator to EdgeConnect devices is not validated MEDIUM (6) The certificate used to identify Orchestrator to EdgeConnect devices is not validated, which makes it possible for someone to establish a TLS connection from EdgeConnect to an untrusted Orchestrator. Published: 2020-05-05T19:53:56.000Z Updated: 2024-08-04T11:48:58.488Z Open on db.gcve.eu Reference links https://www.silver-peak.com/sites/default/files/advisory/security_advisory_notice_rogue_orchestrator-cve_2020_12143.pdf	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-12142`	vulnerable	2026-06-03 14:41:33.479761	IPSec UDP key material can be retrieved from EdgeConnect by a user with admin credentials MEDIUM (4.8) 1. IPSec UDP key material can be retrieved from machine-to-machine interfaces and human-accessible interfaces by a user with admin credentials. Such a user, with the required system knowledge, could use this material to decrypt in-flight communication. 2. The vulnerability requires administrative access and shell access to the EdgeConnect appliance. An admin user can access IPSec seed and nonce parameters using the CLI, REST APIs, and the Linux shell. Published: 2020-05-05T19:54:07.000Z Updated: 2024-08-04T11:48:58.551Z Open on db.gcve.eu Reference links https://www.silver-peak.com/sites/default/files/advisory/security_advisory_notice_ipsec_udp_key_material-cve_2020_12142.pdf	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.