An issue was discovered in Aviatrix Controller before 5.4.1204. There is a Observable Response Discrepancy from the API, which makes it easier to perform user enumeration via brute force.
CPE | Name | Operator | Version |
---|---|---|---|
controller | lt | 5.4.1204 | |
vpn_client | eq | 2.8.2 |