Vulnerability Details CVE-2020-12146
In Silver Peak Unity Orchestrator versions prior to 8.9.11+, 8.10.11+, or 9.0.1+, an authenticated user can access, modify, and delete restricted files on the Orchestrator server using the/debugFiles REST API.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.446
EPSS Ranking 97.5%
CVSS Severity
CVSS v3 Score 6.6
CVSS v2 Score 6.5
References
Products affected by CVE-2020-12146
-
cpe:2.3:a:silver-peak:unity_orchestrator:-
-
cpe:2.3:a:silver-peak:unity_orchestrator:6
-
cpe:2.3:a:silver-peak:unity_orchestrator:6.2
-
cpe:2.3:a:silver-peak:unity_orchestrator:7.3
-
cpe:2.3:a:silver-peak:unity_orchestrator:8
-
cpe:2.3:a:silver-peak:unity_orchestrator:8.1
-
cpe:2.3:a:silver-peak:unity_orchestrator:8.10
-
cpe:2.3:a:silver-peak:unity_orchestrator:8.5
-
cpe:2.3:a:silver-peak:unity_orchestrator:8.6
-
cpe:2.3:a:silver-peak:unity_orchestrator:8.7
-
cpe:2.3:a:silver-peak:unity_orchestrator:8.8
-
cpe:2.3:a:silver-peak:unity_orchestrator:8.9.2
-
cpe:2.3:a:silver-peak:unity_orchestrator:9.0