CVE-2020-12147 - OpenCVE

In Silver Peak Unity Orchestrator versions prior to 8.9.11+, 8.10.11+, or 9.0.1+, an authenticated user can make unauthorized MySQL queries against the Orchestrator database using the /sqlExecution REST API, which had been used for internal testing.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:S/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Silver-peak	Unity Orchestrator

Configuration 1 [-]

OR	cpe:2.3:a:silver-peak:unity_orchestrator::::::::
	cpe:2.3:a:silver-peak:unity_orchestrator::::::::
	cpe:2.3:a:silver-peak:unity_orchestrator::::::::

No data.

References

Link	Providers
https://www.silver-peak.com/support/user-documentation/security-advisories

History

No history.

MITRE

Status: PUBLISHED

Assigner: Silver Peak

Published: 2020-11-05T18:50:21.332476Z

Updated: 2024-09-16T17:58:20.812Z

Reserved: 2020-04-24T00:00:00

Link: CVE-2020-12147

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2020-11-05T19:15:12.693

Modified: 2020-11-12T17:12:39.367

Link: CVE-2020-12147

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Unity Orchestrator", "vendor": "Silver Peak Systems, Inc.", "versions": [{"status": "affected", "version": "All versions affected prior to Silver Peak Unity Orchestrator 8.9.11+"}, {"status": "affected", "version": "8.10.11+"}, {"status": "affected", "version": "or 9.0.1+."}]}], "credits": [{"lang": "en", "value": "This vulnerability was reported to Silver Peak by the security team at Realmode Labs."}], "datePublic": "2020-10-31T00:00:00", "descriptions": [{"lang": "en", "value": "In Silver Peak Unity Orchestrator versions prior to 8.9.11+, 8.10.11+, or 9.0.1+, an authenticated user can make unauthorized MySQL queries against the Orchestrator database using the /sqlExecution REST API, which had been used for internal testing."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"description": "CVE-2020-12147", "lang": "en", "type": "text"}]}, {"descriptions": [{"cweId": "CWE-22", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-11-05T18:50:21", "orgId": "83cc1b1a-46b0-4ac1-94f2-bbef3319bc4c", "shortName": "Silver Peak"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.silver-peak.com/support/user-documentation/security-advisories"}], "solutions": [{"lang": "en", "value": "Recommended Actions for Silver Peak Customers: Upgrade to Orchestrator 8.9.11+, 8.10.11+, or 9.0.1+."}], "source": {"advisory": "Security Advisory 2020-10-31-01-003", "discovery": "EXTERNAL"}, "title": "Unauthorized queries against the Silver Peak Unity OrchestratorTM MySQL database.", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "sirt@silver-peak.com", "DATE_PUBLIC": "2020-10-31T16:00:00.000Z", "ID": "CVE-2020-12147", "STATE": "PUBLIC", "TITLE": "Unauthorized queries against the Silver Peak Unity OrchestratorTM MySQL database."}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Unity Orchestrator", "version": {"version_data": [{"version_value": "All versions affected prior to Silver Peak Unity Orchestrator 8.9.11+"}, {"version_value": "8.10.11+"}, {"version_value": "or 9.0.1+."}]}}]}, "vendor_name": "Silver Peak Systems, Inc."}]}}, "credit": [{"lang": "eng", "value": "This vulnerability was reported to Silver Peak by the security team at Realmode Labs."}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In Silver Peak Unity Orchestrator versions prior to 8.9.11+, 8.10.11+, or 9.0.1+, an authenticated user can make unauthorized MySQL queries against the Orchestrator database using the /sqlExecution REST API, which had been used for internal testing."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CVE-2020-12147"}]}, {"description": [{"lang": "eng", "value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}]}, "references": {"reference_data": [{"name": "https://www.silver-peak.com/support/user-documentation/security-advisories", "refsource": "MISC", "url": "https://www.silver-peak.com/support/user-documentation/security-advisories"}]}, "solution": [{"lang": "en", "value": "Recommended Actions for Silver Peak Customers: Upgrade to Orchestrator 8.9.11+, 8.10.11+, or 9.0.1+."}], "source": {"advisory": "Security Advisory 2020-10-31-01-003", "discovery": "EXTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T11:48:58.513Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.silver-peak.com/support/user-documentation/security-advisories"}]}]}, "cveMetadata": {"assignerOrgId": "83cc1b1a-46b0-4ac1-94f2-bbef3319bc4c", "assignerShortName": "Silver Peak", "cveId": "CVE-2020-12147", "datePublished": "2020-11-05T18:50:21.332476Z", "dateReserved": "2020-04-24T00:00:00", "dateUpdated": "2024-09-16T17:58:20.812Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:silver-peak:unity_orchestrator:*:*:*:*:*:*:*:*", "matchCriteriaId": "F57E088F-B275-47E0-87E9-D392F5E78CA7", "versionEndExcluding": "8.9.11\\+", "vulnerable": true}, {"criteria": "cpe:2.3:a:silver-peak:unity_orchestrator:*:*:*:*:*:*:*:*", "matchCriteriaId": "06BDDCC0-D63B-4729-9FB7-95B89A54389A", "versionEndExcluding": "8.10.11\\+", "versionStartIncluding": "8.10", "vulnerable": true}, {"criteria": "cpe:2.3:a:silver-peak:unity_orchestrator:*:*:*:*:*:*:*:*", "matchCriteriaId": "5302B8F8-6B84-48F0-BD59-8FF7368AB888", "versionEndExcluding": "9.0.1\\+", "versionStartIncluding": "9.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In Silver Peak Unity Orchestrator versions prior to 8.9.11+, 8.10.11+, or 9.0.1+, an authenticated user can make unauthorized MySQL queries against the Orchestrator database using the /sqlExecution REST API, which had been used for internal testing."}, {"lang": "es", "value": "En Silver Peak Unity Orchestrator versiones anteriores a 8.9.11+, 8.10.11+ o 9.0.1+, un usuario autenticado puede llevar a cabo consultas MySQL no autorizadas en la base de datos de Orchestrator usando la API REST /sqlExecution, que hab\u00eda sido usada para pruebas internas"}], "id": "CVE-2020-12147", "lastModified": "2020-11-12T17:12:39.367", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.7, "impactScore": 5.9, "source": "sirt@silver-peak.com", "type": "Secondary"}]}, "published": "2020-11-05T19:15:12.693", "references": [{"source": "sirt@silver-peak.com", "tags": ["Vendor Advisory"], "url": "https://www.silver-peak.com/support/user-documentation/security-advisories"}], "sourceIdentifier": "sirt@silver-peak.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-22"}], "source": "sirt@silver-peak.com", "type": "Secondary"}]}