PT-2019-14512 · Silver Peak · Silver Peak Edgeconnect Sd-Wan

Publicado

2019-09-08

·

Atualizado

2019-09-09

·

CVE-2019-16104

CVSS v3.1

6.1

Média

VetorAV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions Silver Peak EdgeConnect SD-WAN versions prior to 8.1.7.x
Description The issue is related to a reflected XSS attack. It can be exploited via the "rest/json/configdb/download/" API endpoint.
Recommendations For versions prior to 8.1.7.x, update to version 8.1.7.x or later to resolve the issue.

Exploit

Correção

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79

Identificadores relacionados

CVE-2019-16104

Produtos afetados

Silver Peak Edgeconnect Sd-Wan