Vpn Client Security Vulnerabilities and Issues — Vpn Client CVE List

Lucene search

AviatrixVpn Client

5 matches found

CVE•added 2020/05/22 9:15 p.m.•151 views

CVE-2020-13417

An Elevation of Privilege issue was discovered in Aviatrix VPN Client before 2.10.7, because of an incomplete fix for CVE-2020-7224. This affects Linux, macOS, and Windows installations for certain OpenSSL parameters.

9.8CVSS9.4AI score0.01174EPSS

CVE•added 2020/05/22 9:15 p.m.•112 views

CVE-2020-13413

An issue was discovered in Aviatrix Controller before 5.4.1204. There is a Observable Response Discrepancy from the API, which makes it easier to perform user enumeration via brute force.

5.3CVSS5.2AI score0.00376EPSS

CVE•added 2019/12/05 6:15 p.m.•62 views

CVE-2019-17387

An authentication flaw in the AVPNC_RP service in Aviatrix VPN Client through 2.2.10 allows an attacker to gain elevated privileges through arbitrary code execution on Windows, Linux, and macOS.

7.8CVSS8.1AI score0.00255EPSS

CVE•added 2021/04/29 1:15 a.m.•53 views

CVE-2021-31776

Aviatrix VPN Client before 2.14.14 on Windows has an unquoted search path that enables local privilege escalation to the SYSTEM user, if the machine is misconfigured to allow unprivileged users to write to directories that are supposed to be restricted to administrators.

7.8CVSS7.7AI score0.00048EPSS

CVE•added 2019/12/05 6:15 p.m.•44 views

CVE-2019-17388

Weak file permissions applied to the Aviatrix VPN Client through 2.2.10 installation directory on Windows and Linux allow a local attacker to execute arbitrary code by gaining elevated privileges through file modifications.

7.8CVSS7.8AI score0.00109EPSS