CVE-2020-12142

1. IPSec UDP key material can be retrieved from machine-to-machine interfaces and human-accessible interfaces by a user with admin credentials. Such a user, with the required system knowledge, could use this material to decrypt in-flight communication. 2. The vulnerability requires administrative access and shell access to the EdgeConnect appliance. An admin user can access IPSec seed and nonce parameters using the CLI, REST APIs, and the Linux shell.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.8 MEDIUM
NETWORK
HIGH
HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:L/A:N
Silver PeakCNA
4.8 MEDIUM
NETWORK
HIGH
HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:L/A:N
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 53%
VendorProductVersion
silver-peakunity_edgeconnect_for_amazon_web_services
-
silver-peakunity_edgeconnect_for_azure
-
silver-peakunity_edgeconnect_for_google_cloud_platform
-
silver-peakunity_orchestrator
𝑥
< 8.9.2
silver-peakvx-500_firmware
-
silver-peakvx-1000_firmware
-
silver-peakvx-2000_firmware
-
silver-peakvx-3000_firmware
-
silver-peakvx-5000_firmware
-
silver-peakvx-6000_firmware
-
silver-peakvx-7000_firmware
-
silver-peakvx-9000_firmware
-
silver-peakvx-8000_firmware
-
silver-peaknx-700_firmware
-
silver-peaknx-1000_firmware
-
silver-peaknx-2000_firmware
-
silver-peaknx-3000_firmware
-
silver-peaknx-5000_firmware
-
silver-peaknx-6000_firmware
-
silver-peaknx-7000_firmware
-
silver-peaknx-8000_firmware
-
silver-peaknx-9000_firmware
-
silver-peaknx-10k_firmware
-
silver-peaknx-11k_firmware
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.silver-peak.com/sites/default/files/advisory/security_advisory_notice_ipsec_udp_key_material-cve_2020_12142.pdf
https://www.silver-peak.com/sites/default/files/advisory/security_advisory_notice_ipsec_udp_key_material-cve_2020_12142.pdf