CVE-2020-12142 : Vulnerability Insights and Analysis
Learn about CVE-2020-12142 where admin users can access IPSec key material in Silver Peak's EdgeConnect, impacting communication security. Find mitigation steps and affected systems here.
Silver Peak Systems, Inc. identified a vulnerability where an admin user could access IPSec key material, potentially compromising communication security.
Understanding CVE-2020-12142
This CVE involves the retrieval of IPSec key material from Silver Peak's EdgeConnect by an admin user, leading to potential decryption of communication.
What is CVE-2020-12142?
- Admin users can access IPSec seed and nonce parameters, allowing decryption of in-flight communication.
- Requires administrative and shell access to the EdgeConnect appliance.
The Impact of CVE-2020-12142
- CVSS Score: 4.8 (Medium)
- Confidentiality Impact: High
- Integrity Impact: Low
- Privileges Required: High
- Attack Complexity: High
- Attack Vector: Network
- User Interaction: Required
- Scope: Unchanged
- Vector String: CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:L/A:N
Technical Details of CVE-2020-12142
Vulnerability Description
- Admin users can retrieve IPSec key material from EdgeConnect interfaces, potentially decrypting communication.
Affected Systems and Versions
- Unity EdgeConnect, NX, VX, Unity Orchestrator, EdgeConnect in AWS, Azure, GCP.
- All versions affected prior to Silver Peak Unity ECOS 8.3.2+, 8.1.9.12+, and Silver Peak Unity Orchestrator 8.9.2+.
Exploitation Mechanism
- Admin access and shell access to EdgeConnect required to access IPSec seed and nonce parameters.
Mitigation and Prevention
Immediate Steps to Take
- Update to Silver Peak Unity ECOS 8.3.2+, 8.1.9.12+, or Silver Peak Unity Orchestrator 8.9.2+.
- Monitor and restrict admin access to EdgeConnect.
Long-Term Security Practices
- Regularly review and update access controls.
- Implement network segmentation to limit exposure.
Patching and Updates
- Apply the provided security advisory to prevent unauthorized access to IPSec key material.