Security Advisories

  • User Documentation

Security Advisories

  • Security Advisory RSS

    Security Advisory RSSSecurity RSS link

    Report a Vulnerability

    If you have information about a security issue or vulnerability with a Silver Peak product or technology, please send an e-mail to Encrypt sensitive information using our PGP public key
    Please provide as much information as possible, including:
    • The products and versions affected

    • Detailed description of the vulnerability

    • Information on known exploits

    A member of the Silver Peak Product Security Team will review your e-mail and contact you to collaborate on resolving the issue.

    Contact Support

    North America (USA/CAN)

    T: +1 877 210 7325


    T: 1800 859 651


    T: 0800-913757

    Hong Kong

    T: 800-901193


    T: 000-800-9190024

    United Kingdom

    T: 0-8000969372


    T: +1 408 935 1850

    • TCP SACK Panic and other remote denial of service vulnerabilities

      NFLX-2019-001 originally published by Netflix on June 17, 2019

    • Silver Peak Microarchitectural Data Sampling (MDS) vulnerabilities

      INTEL-SA-00233 originally published by Intel on May 14, 2019

    • Authentication bypass in server mode-CVE-2018-10933

      Published by libssh on October 19, 2018

    • L1 Terminal Fault - INTEL-SA-00161

      Published by Intel on August 14, 2018

    • The Dangers of Key Reuse: Practical Attacks on IPsec IKE

      Published at the Usenix Symposium on August 15, 2018

    • Meltdown and Spectre Vulnerabilities

      VU#584653 originally published by CERT on January 3, 2018

    • Return of Bleichenbacher's Oracle Threat (ROBOT Attack) -- A TLS Vulnerability

      VU#144389 originally published by CERT on December 12, 2017

    • Intel Q3’17 ME 11.x, SPS 4.0, and TXE 3.0 Security Review Cumulative Update, Escalation of Privilege

      INTEL-SA-00086 published by Intel on November 20, 2017


    • DOS Security Vulnerability, Published by node.js on October 24, 2017


    • INTEL-SA-00075, CVE-2017-5689 published by Intel on May 1, 2017
    • Dirty COW Vulnerability, Published by on October 21, 2016


    • OCSP Status Request extension unbounded memory growth, Published by OpenSSL on 9/22/2016


      Paired with:

      CVE-2016-6309, Fix Use Free for large message sizes

    • Multiple OpenSSL Vulnerabilities

      CVE-2016-2108, CVE-2016-2107

    • Drown attack vulnerability, Published by NIST on 03/01/2016


    • glibc getaddrinfo stack-based buffer overflow, Published by NIST on 02/18/2016


    • RC4 algorithm vulnerability to ‘plain-text recovery’ attacks as used in TLS/SSL, Published by NIST on 03/15/2013


    • RFC 5469 Compliance
    • Mass Assignment Vulnerability, Published by on 09/09/2015
    • Unauthenticated File Read Vulnerability, Published by on 09/09/2015
    • Command Injection Vulnerability, Published by on 09/09/2015
    • Shell Upload Vulnerability, Published by on 09/09/2015
    • Cross-Site Reflect Forgery (CSRF) Vulnerability through hardcoded account, Published by NIST on 07/28/2014


    • Cross-Site Scripting (XSS) Vulnerability, Published by NIST on 07/28/14


    • OpenSSH Keyboard-Interactive Authentication Brute Force Vulnerability, Published by NIST on 08-02-2015


    • Logjam Vulnerability, Published by NIST on 05-20-2015


    • GHOST Vulnerability, Published by NIST on 01-28-2015

      glibc:__nss_hostname_digits_dots() heap-based buffer overflow


    • libpng Exploit Vulnerability, Published by NIST on 02-27-2014


    • SSL 3.0 Vulnerability, a.k.a. "Poodle", Published by NIST on 10-16-2014

      CVE-2014-3566, CVE-2014-3568

    • GNU Bash Vulnerability, a.k.a. "Shellshock", Published by NIST on 09-24-2014

      CVE-2014-7169, CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7186, CVE-2014-7187

    • Open SSL Vulnerability, a.k.a. "Heartbleed Bug", Published on 04-09-2014


    • Multiple Open SSL Vulnerabilities, Published by on 10-15-2014

      CVE-2014-3513, CVE-2014-3567