CVE-2020-12147

In Silver Peak Unity Orchestrator versions prior to 8.9.11 , 8.10.11 , or 9.0.1 , an authenticated user can make unauthorized MySQL queries against the Orchestrator database using the /sqlExecution REST API, which had been used for internal testing.

Leave a comment