Vulnerabilities > CVE-2020-13417 - Unspecified vulnerability in Aviatrix Controller and Gateway
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
An Elevation of Privilege issue was discovered in Aviatrix VPN Client before 2.10.7, because of an incomplete fix for CVE-2020-7224. This affects Linux, macOS, and Windows installations for certain OpenSSL parameters.
Vulnerable Configurations
References
- https://docs.aviatrix.com/HowTos/security_bulletin_article.html#openvpn-client-elevation-of-privilege
- https://www.criticalstart.com/multiple-vulnerabilities-discovered-in-aviatrix/
- https://docs.aviatrix.com/HowTos/security_bulletin_article.html#openvpn-client-elevation-of-privilege
- https://www.criticalstart.com/multiple-vulnerabilities-discovered-in-aviatrix/