Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Unauthorized queries against the Silver Peak Unity OrchestratorTM MySQL database.
Vulnerability Description
In Silver Peak Unity Orchestrator versions prior to 8.9.11+, 8.10.11+, or 9.0.1+, an authenticated user can make unauthorized MySQL queries against the Orchestrator database using the /sqlExecution REST API, which had been used for internal testing.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
N/A
Vulnerability Title
Silver Peak Unity Orchestrator 路径遍历漏洞
Vulnerability Description
Silver Peak Systems Silver Peak Unity Orchestrator是美国Silver Peak Systems公司的一个用于跨WAN环境下网络管理的软件。该软件可提供对网络进行进行集中编排的方式,对网络状态进行可视化的管理。 Silver Peak Unity Orchestrator 8.9.11+之前版本, 8.10.11+版本, 9.0.1+版本存在路径遍历漏洞,该漏洞允许经过身份验证的用户可以使用/sqlExecution REST API对Orchestrato
CVSS Information
N/A
Vulnerability Type
N/A