CVE-2020-3984
published 2020-11-24CVE-2020-3984: The SD-WAN Orchestrator 3.3.2 prior to 3.3.2 P3 and 3.4.x prior to 3.4.4 does not apply correct input validation which allows for SQL-injection. An…
PriorityP351medium6.5CVSS 3.1
AVNACLPRLUINSUCHINAN
EPSS
22.37%
97.4th percentile
The SD-WAN Orchestrator 3.3.2 prior to 3.3.2 P3 and 3.4.x prior to 3.4.4 does not apply correct input validation which allows for SQL-injection. An authenticated SD-WAN Orchestrator user may exploit a vulnerable API call using specially crafted SQL queries which may lead to unauthorized data access.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| vmware | sd-wan_orchestrator | — | — |
| vmware | sd-wan_orchestrator | >= 3.4.0 < 3.4.4 | 3.4.4 |
CVSS provenance
nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
nvdv2.04.0MEDIUMAV:N/AC:L/Au:S/C:P/I:N/A:N
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-vf79-fxj5-j7c4: The SD-WAN Orchestrator 3
ghsa_unreviewed·2022-05-24
CVE-2020-3984 [MEDIUM] CWE-89 GHSA-vf79-fxj5-j7c4: The SD-WAN Orchestrator 3
The SD-WAN Orchestrator 3.3.2 prior to 3.3.2 P3 and 3.4.x prior to 3.4.4 does not apply correct input validation which allows for SQL-injection. An authenticated SD-WAN Orchestrator user may exploit a vulnerable API call using specially crafted SQL queries which may lead to unauthorized data access.
VMware
VMware SD-WAN Orchestrator updates address multiple security vulnerabilities (CVE-2020-3984, CVE-2020-3985, CVE-2020-4000, CVE-2020-4001, CVE-2020-4002 ,CVE-2020-4003)
vendor_vmware·2020-11-18·CVSS 6.5
CVE-2020-3984 [MEDIUM] VMware SD-WAN Orchestrator updates address multiple security vulnerabilities (CVE-2020-3984, CVE-2020-3985, CVE-2020-4000, CVE-2020-4001, CVE-2020-4002 ,CVE-2020-4003)
VMSA-2020-0025: VMware SD-WAN Orchestrator updates address multiple security vulnerabilities (CVE-2020-3984, CVE-2020-3985, CVE-2020-4000, CVE-2020-4001, CVE-2020-4002 ,CVE-2020-4003)
The SD-WAN Orchestrator does not apply correct input validation which allows for SQL-injection. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.1.
CVEs: CVE-2020-3984, CVE-2020-3985, CVE-2020-4000, CVE-2020-4001, CVE-2020-4002, CVE-2020-4003
Affected products: VMware SD-WAN, VMware VeloCloud
Suricata
ET EXPLOIT VMware SD-WAN Orchestrator SQL Injection (CVE-2020-3984)
suricata·2022-02-04·CVSS 6.5
CVE-2020-3984 [MEDIUM] ET EXPLOIT VMware SD-WAN Orchestrator SQL Injection (CVE-2020-3984)
ET EXPLOIT VMware SD-WAN Orchestrator SQL Injection (CVE-2020-3984)
Rule: alert http any any -> [$HOME_NET,$HTTP_SERVERS] any (msg:"ET EXPLOIT VMware SD-WAN Orchestrator SQL Injection (CVE-2020-3984)"; flow:established,to_server; http.method; content:"POST"; http.uri; content:"/portal/"; http.request_body; content:"softwareUpdate/getSoftwareUpdates"; fast_pattern; content:"|22|modulus|22 3a|"; content:"UNION SELECT"; nocase; distance:0; reference:cve,2020-3984; classtype:attempted-admin; sid:2035104; rev:2; metadata:attack_target Server, created_at 2022_02_04, cve CVE_2020_3984, deployment Perimeter, deployment Internal, confidence Medium, signature_severity Major, tag Exploit, updated_at 2022_02_04, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mitre
No public exploits indexed.
No writeups or analysis indexed.
2020-11-24
Published