Silver Peak Unity EdgeConnect
Approved changes feed: RSS · Atom
cpe:2.3:h:silver-peak:unity_edgeconnect:-:*:*:*:*:*:*:*
part: h version: - update: *
| Vendor | Silver Peak (77cd4f1a-c733-53b7-a3b8-3b473b1d2953) |
|---|---|
| Product | Unity Edgeconnect (3cefc03d-eba2-5e9c-a7d4-6cf4fa0d8144) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2020-12149 |
not_vulnerable | 2026-06-03 14:41:33.530854 |
OS Command Injection - Management File Upload
MEDIUM (6.8)
The configuration backup/restore function in Silver Peak Unity ECOSTM (ECOS) appliance software was found to directly incorporate the user-controlled config filename in a subsequent shell command, allowing an attacker to manipulate the resulting command by injecting valid OS command input. This vulnerability can be exploited by an attacker with authenticated access to the Orchestrator UI or EdgeConnect UI. This affects all ECOS versions prior to: 8.1.9.15, 8.3.0.8, 8.3.1.2, 8.3.2.0, 9.0.2.0, and 9.1.0.0.
Published: 2020-12-11T15:23:32.991Z
Updated: 2024-09-16T23:26:33.482Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.