CVE-2020-12142 - OpenCVE

1. IPSec UDP key material can be retrieved from machine-to-machine interfaces and human-accessible interfaces by a user with admin credentials. Such a user, with the required system knowledge, could use this material to decrypt in-flight communication. 2. The vulnerability requires administrative access and shell access to the EdgeConnect appliance. An admin user can access IPSec seed and nonce parameters using the CLI, REST APIs, and the Linux shell.

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:S/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Silver-peak	Unity Orchestrator Nx-5000 Firmware Nx-7000 Firmware Nx-3000 Firmware Nx-11k Firmware Vx-1000 Firmware Vx-5000 Firmware Nx-6000 Firmware Unity Edgeconnect For Amazon Web Services Unity Edgeconnect For Azure Nx-1000 Firmware Nx-700 Firmware Unity Edgeconnect For Google Cloud Platform Vx-7000 Firmware Nx-10k Firmware Nx-9000 Firmware Vx-9000 Firmware Vx-8000 Firmware Vx-3000 Firmware Vx-2000 Firmware Vx-500 Firmware Nx-2000 Firmware Vx-6000 Firmware Nx-8000 Firmware
Arubanetworks	Nx-5000 Vx-1000 Nx-3000 Vx-5000 Vx-3000 Nx-6000 Vx-2000 Vx-9000 Nx-9000 Nx-700 Nx-10k Vx-6000 Vx-7000 Nx-7000 Nx-11k Vx-8000 Vx-500 Nx-2000 Nx-8000 Nx-1000

Configuration 1 [-]

OR	cpe:2.3:a:silver-peak:unity_edgeconnect_for_amazon_web_services:-:::::::*
	cpe:2.3:a:silver-peak:unity_edgeconnect_for_azure:-:::::::*
	cpe:2.3:a:silver-peak:unity_edgeconnect_for_google_cloud_platform:-:::::::*
	cpe:2.3:a:silver-peak:unity_orchestrator::::::::

Configuration 2 [-]

AND

cpe:2.3:o:silver-peak:vx-500_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:arubanetworks:vx-500:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:silver-peak:vx-1000_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:arubanetworks:vx-1000:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:silver-peak:vx-2000_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:arubanetworks:vx-2000:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:silver-peak:vx-3000_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:arubanetworks:vx-3000:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:silver-peak:vx-5000_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:arubanetworks:vx-5000:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:silver-peak:vx-6000_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:arubanetworks:vx-6000:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:silver-peak:vx-7000_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:arubanetworks:vx-7000:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:silver-peak:vx-9000_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:arubanetworks:vx-9000:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:silver-peak:vx-8000_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:arubanetworks:vx-8000:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:silver-peak:nx-700_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:arubanetworks:nx-700:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:silver-peak:nx-1000_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:arubanetworks:nx-1000:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:silver-peak:nx-2000_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:arubanetworks:nx-2000:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:silver-peak:nx-3000_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:arubanetworks:nx-3000:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:silver-peak:nx-5000_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:arubanetworks:nx-5000:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:silver-peak:nx-6000_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:arubanetworks:nx-6000:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:silver-peak:nx-7000_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:arubanetworks:nx-7000:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:silver-peak:nx-8000_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:arubanetworks:nx-8000:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:silver-peak:nx-9000_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:arubanetworks:nx-9000:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:silver-peak:nx-10k_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:arubanetworks:nx-10k:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:silver-peak:nx-11k_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:arubanetworks:nx-11k:-:*:*:*:*:*:*:*

References

Link	Resource
https://www.silver-peak.com/sites/default/files/advisory/security_advisory_notice_ipsec_udp_key_material-cve_2020_12142.pdf	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: Silver Peak

Published: 2020-05-05T19:54:07

Updated: 2020-05-07T16:57:35

Reserved: 2020-04-24T00:00:00

Link: CVE-2020-12142

JSON object: View

NVD Information

Status : Analyzed

Published: 2020-05-05T20:15:12.057

Modified: 2023-11-07T21:16:04.017

Link: CVE-2020-12142

JSON object: View

Redhat Information

No data.

CWE

CWE-668