1. IPSec UDP key material can be retrieved from machine-to-machine interfaces and human-accessible interfaces by a user with admin credentials. Such a user, with the required system knowledge, could use this material to decrypt in-flight communication. 2. The vulnerability requires administrative access and shell access to the EdgeConnect appliance. An admin user can access IPSec seed and nonce parameters using the CLI, REST APIs, and the Linux shell.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
Configuration 10 (hide)
AND |
|
Configuration 11 (hide)
AND |
|
Configuration 12 (hide)
AND |
|
Configuration 13 (hide)
AND |
|
Configuration 14 (hide)
AND |
|
Configuration 15 (hide)
AND |
|
Configuration 16 (hide)
AND |
|
Configuration 17 (hide)
AND |
|
Configuration 18 (hide)
AND |
|
Configuration 19 (hide)
AND |
|
Configuration 20 (hide)
AND |
|
Configuration 21 (hide)
AND |
|
History
07 Nov 2023, 21:16
Type | Values Removed | Values Added |
---|---|---|
First Time |
Arubanetworks nx-6000
Arubanetworks vx-3000 Arubanetworks nx-7000 Arubanetworks nx-5000 Arubanetworks nx-9000 Arubanetworks Arubanetworks vx-9000 Arubanetworks nx-8000 Arubanetworks vx-7000 Arubanetworks nx-3000 Arubanetworks vx-500 Arubanetworks nx-1000 Arubanetworks nx-700 Arubanetworks vx-6000 Arubanetworks vx-5000 Arubanetworks vx-2000 Arubanetworks nx-10k Arubanetworks nx-11k Arubanetworks nx-2000 Arubanetworks vx-8000 Arubanetworks vx-1000 |
|
CPE | cpe:2.3:h:silver-peak:vx-3000:-:*:*:*:*:*:*:* cpe:2.3:h:silver-peak:nx-1000:-:*:*:*:*:*:*:* cpe:2.3:h:silver-peak:nx-9000:-:*:*:*:*:*:*:* cpe:2.3:h:silver-peak:vx-2000:-:*:*:*:*:*:*:* cpe:2.3:h:silver-peak:vx-9000:-:*:*:*:*:*:*:* cpe:2.3:h:silver-peak:vx-8000:-:*:*:*:*:*:*:* cpe:2.3:h:silver-peak:nx-700:-:*:*:*:*:*:*:* cpe:2.3:h:silver-peak:vx-500:-:*:*:*:*:*:*:* cpe:2.3:h:silver-peak:nx-6000:-:*:*:*:*:*:*:* cpe:2.3:h:silver-peak:vx-6000:-:*:*:*:*:*:*:* cpe:2.3:h:silver-peak:nx-2000:-:*:*:*:*:*:*:* cpe:2.3:h:silver-peak:vx-1000:-:*:*:*:*:*:*:* cpe:2.3:h:silver-peak:nx-5000:-:*:*:*:*:*:*:* cpe:2.3:h:silver-peak:nx-7000:-:*:*:*:*:*:*:* cpe:2.3:h:silver-peak:nx-11k:-:*:*:*:*:*:*:* cpe:2.3:h:silver-peak:nx-8000:-:*:*:*:*:*:*:* cpe:2.3:h:silver-peak:vx-5000:-:*:*:*:*:*:*:* cpe:2.3:h:silver-peak:nx-10k:-:*:*:*:*:*:*:* cpe:2.3:h:silver-peak:vx-7000:-:*:*:*:*:*:*:* |
cpe:2.3:h:arubanetworks:vx-9000:-:*:*:*:*:*:*:* cpe:2.3:h:arubanetworks:nx-8000:-:*:*:*:*:*:*:* cpe:2.3:h:arubanetworks:vx-7000:-:*:*:*:*:*:*:* cpe:2.3:h:arubanetworks:vx-5000:-:*:*:*:*:*:*:* cpe:2.3:h:arubanetworks:vx-1000:-:*:*:*:*:*:*:* cpe:2.3:h:arubanetworks:nx-6000:-:*:*:*:*:*:*:* cpe:2.3:h:arubanetworks:nx-3000:-:*:*:*:*:*:*:* cpe:2.3:h:arubanetworks:nx-9000:-:*:*:*:*:*:*:* cpe:2.3:h:arubanetworks:nx-1000:-:*:*:*:*:*:*:* cpe:2.3:h:arubanetworks:nx-10k:-:*:*:*:*:*:*:* cpe:2.3:h:arubanetworks:nx-7000:-:*:*:*:*:*:*:* cpe:2.3:h:arubanetworks:vx-3000:-:*:*:*:*:*:*:* cpe:2.3:h:arubanetworks:vx-6000:-:*:*:*:*:*:*:* cpe:2.3:h:arubanetworks:vx-500:-:*:*:*:*:*:*:* cpe:2.3:h:arubanetworks:vx-8000:-:*:*:*:*:*:*:* cpe:2.3:h:arubanetworks:nx-5000:-:*:*:*:*:*:*:* cpe:2.3:h:arubanetworks:vx-2000:-:*:*:*:*:*:*:* cpe:2.3:h:arubanetworks:nx-2000:-:*:*:*:*:*:*:* cpe:2.3:h:arubanetworks:nx-11k:-:*:*:*:*:*:*:* cpe:2.3:h:arubanetworks:nx-700:-:*:*:*:*:*:*:* |
Information
Published : 2020-05-05 20:15
Updated : 2024-02-28 17:47
NVD link : CVE-2020-12142
Mitre link : CVE-2020-12142
CVE.ORG link : CVE-2020-12142
JSON object : View
Products Affected
silver-peak
- vx-8000_firmware
- vx-5000_firmware
- nx-700_firmware
- nx-11k_firmware
- unity_edgeconnect_for_azure
- unity_edgeconnect_for_amazon_web_services
- nx-10k_firmware
- vx-9000_firmware
- vx-6000_firmware
- nx-7000_firmware
- nx-3000_firmware
- vx-500_firmware
- vx-2000_firmware
- unity_orchestrator
- unity_edgeconnect_for_google_cloud_platform
- nx-6000_firmware
- vx-1000_firmware
- nx-9000_firmware
- nx-5000_firmware
- nx-8000_firmware
- vx-3000_firmware
- nx-2000_firmware
- vx-7000_firmware
- nx-1000_firmware
arubanetworks
- nx-10k
- nx-700
- vx-8000
- nx-5000
- nx-8000
- vx-3000
- nx-7000
- vx-5000
- vx-7000
- vx-9000
- nx-6000
- nx-11k
- nx-2000
- vx-1000
- vx-2000
- vx-6000
- vx-500
- nx-1000
- nx-9000
- nx-3000
CWE
CWE-668
Exposure of Resource to Wrong Sphere