漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Silver Peak Unity OrchestratorTM authentication can be subverted through manipulation of HTTP headers.
Vulnerability Description
Silver Peak Unity Orchestrator versions prior to 8.9.11+, 8.10.11+, or 9.0.1+ uses HTTP headers to authenticate REST API calls from localhost. This makes it possible to log in to Orchestrator by introducing an HTTP HOST header set to 127.0.0.1 or localhost. Orchestrator instances that are hosted by customers –on-premise or in a public cloud provider –are affected by this vulnerability.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
N/A
Vulnerability Title
Silver Peak Systems Silver Peak Unity Orchestrator 授权问题漏洞
Vulnerability Description
Silver Peak Systems Silver Peak Unity Orchestrator是美国Silver Peak Systems公司的一个用于跨WAN环境下网络管理的软件。该软件可提供对网络进行进行集中编排的方式,对网络状态进行可视化的管理。 Silver Peak Unity Orchestrator 8.9.11+之前版本, 8.10.11+版本, or 9.0.1+版本存在安全漏洞,该漏洞通过引入设置为127.0.0.1或本地主机的HTTP HOST标头,可以登录Orchestrat
CVSS Information
N/A
Vulnerability Type
N/A