CVE-2020-12142

{"id": "CVE-2020-12142", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.2}, {"type": "Secondary", "source": "sirt@silver-peak.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 4.2, "exploitabilityScore": 0.5}]}, "published": "2020-05-05T20:15:12.057", "references": [{"url": "https://www.silver-peak.com/sites/default/files/advisory/security_advisory_notice_ipsec_udp_key_material-cve_2020_12142.pdf", "tags": ["Vendor Advisory"], "source": "sirt@silver-peak.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-668"}]}, {"type": "Secondary", "source": "sirt@silver-peak.com", "description": [{"lang": "en", "value": "CWE-668"}]}], "descriptions": [{"lang": "en", "value": "1. IPSec UDP key material can be retrieved from machine-to-machine interfaces and human-accessible interfaces by a user with admin credentials. Such a user, with the required system knowledge, could use this material to decrypt in-flight communication. 2. The vulnerability requires administrative access and shell access to the EdgeConnect appliance. An admin user can access IPSec seed and nonce parameters using the CLI, REST APIs, and the Linux shell."}, {"lang": "es", "value": "1. Un usuario con credenciales de administrador puede recuperar el material clave IPSec UDP de las interfaces m\u00e1quina a m\u00e1quina y las interfaces accesibles para humanos. Dicho usuario, con el conocimiento requerido del sistema, podr\u00eda usar este material para descifrar la comunicaci\u00f3n en vuelo. 2. La vulnerabilidad requiere acceso administrativo y acceso a shell en el dispositivo EdgeConnect. Un usuario administrador puede acceder a los par\u00e1metros seed y nonce de IPSec utilizando la CLI, las API REST y el shell de Linux."}], "lastModified": "2023-11-07T21:16:04.017", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:silver-peak:unity_edgeconnect_for_amazon_web_services:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ABAD6DEA-2F2B-41E3-ADCA-08FAC616A88E"}, {"criteria": "cpe:2.3:a:silver-peak:unity_edgeconnect_for_azure:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "524DEFA6-6381-4ABC-9549-396B1FD60A62"}, {"criteria": "cpe:2.3:a:silver-peak:unity_edgeconnect_for_google_cloud_platform:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0BD97B84-E986-4BD3-BDA0-1B9E13D183F6"}, {"criteria": "cpe:2.3:a:silver-peak:unity_orchestrator:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C770AE97-F96C-45B9-8F5A-F398E5ED9E13", "versionEndExcluding": "8.9.2"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:silver-peak:vx-500_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CAEC335D-2F77-4E16-BCBE-F805260D4975"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:arubanetworks:vx-500:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5B4A54E1-2C08-423C-99C2-D289EF360B22"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:silver-peak:vx-1000_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8B25DCA3-FFE8-4FCF-9C7C-0765F5E35317"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:arubanetworks:vx-1000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F645C96A-7A60-4724-A102-5B86684A4DF7"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:silver-peak:vx-2000_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A5B47D55-3156-4433-A380-B11F5AB2BB3D"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:arubanetworks:vx-2000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "15E07EBC-2366-4369-AF75-90E12F34DE5D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:silver-peak:vx-3000_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "169A83DF-A052-4EC2-9396-036AA0234C35"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:arubanetworks:vx-3000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "87FE30FB-F836-4D92-BAC2-CD3EABAE6F6E"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:silver-peak:vx-5000_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C7A7F8C0-969B-430C-8B2B-30BCD3C64400"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:arubanetworks:vx-5000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1B7E4523-018F-40B0-A600-C5CCC58C9914"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:silver-peak:vx-6000_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DD0BE9A9-FF36-4652-A122-3B3651958DEB"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:arubanetworks:vx-6000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B913729C-2834-4FFD-B7A3-A96E96ECF10C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:silver-peak:vx-7000_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EEFF5265-88F8-4637-BD72-6D7A19631ED2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:arubanetworks:vx-7000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FE19BE53-00FB-400A-8F51-BFC5698C1779"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:silver-peak:vx-9000_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BC60C235-7BA2-48C2-B6B4-3099AA271E5F"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:arubanetworks:vx-9000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "28CF057A-CD5E-4277-8A2E-8A8493143E61"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:silver-peak:vx-8000_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "02B86CCA-4367-44F9-A915-245532D799B4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:arubanetworks:vx-8000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F682E0F6-EF2E-486F-B046-F4E813E5A078"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:silver-peak:nx-700_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "67036359-5CEC-43E8-9436-90D82DBC23D1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:arubanetworks:nx-700:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "204B5FB4-A1F7-445C-83C5-868A7BC698BA"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:silver-peak:nx-1000_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DFC3B48D-74BF-422D-97C3-5EF3442DB315"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:arubanetworks:nx-1000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "51EFE7DD-16A7-4F1A-BA7D-0C008CB46075"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:silver-peak:nx-2000_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "110F488B-2169-41BE-A4B0-001D33F71C83"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:arubanetworks:nx-2000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6341B740-1EAD-4268-AF6C-F52191911FC8"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:silver-peak:nx-3000_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F2B50FEA-3BA8-4E42-A618-36D7524B5D06"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:arubanetworks:nx-3000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9F9DD803-1DEE-4D19-B111-2B323C574DF5"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:silver-peak:nx-5000_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A61BA34E-C1DA-4E1A-969B-88BABDD237AE"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:arubanetworks:nx-5000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "787A5C1F-D14F-49E7-8CBF-3F8BA152A4B2"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:silver-peak:nx-6000_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "051A9816-3175-424F-AC08-B3D3726CFFED"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:arubanetworks:nx-6000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8406F3C1-6D87-41E7-A158-78144B6D8EBD"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:silver-peak:nx-7000_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FBEEB980-A456-4EC2-9254-24CB59AD1CAB"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:arubanetworks:nx-7000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F9716EB9-C00D-4964-B8B4-3BA5C044373E"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:silver-peak:nx-8000_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9A607F5E-CC24-4732-BBBD-A42316620F77"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:arubanetworks:nx-8000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0A7C903F-6AB3-4F66-B8DE-2203B034D9A2"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:silver-peak:nx-9000_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8B21BB8F-B8AC-4595-8CDE-984651FB87B0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:arubanetworks:nx-9000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B72B1307-E5D3-4892-ADC7-896C676F4275"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:silver-peak:nx-10k_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D017AD85-C92F-4F47-8442-66E2B3F5DF0C"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:arubanetworks:nx-10k:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CF3ABCC1-C71B-450C-9654-DF3324AE3859"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:silver-peak:nx-11k_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5D60F6AB-1DC2-4E0C-AFE5-3D5E2E5EB252"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:arubanetworks:nx-11k:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D388409D-5270-41AD-8755-74B2EDF6C9BC"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "sirt@silver-peak.com"}