Vulnerabilities > CVE-2020-7224 - Unspecified vulnerability in Aviatrix Openvpn

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

aviatrix

NVD

Published: 2020-04-16

Updated: 2022-07-12

Summary

The Aviatrix OpenVPN client through 2.5.7 on Linux, macOS, and Windows is vulnerable when OpenSSL parameters are altered from the issued value set; the parameters could allow unauthorized third-party libraries to load.

Vulnerable Configurations

Part	Description	Count
Application	Aviatrix Aviatrix Openvpn - Aviatrix Openvpn 1.0 Aviatrix Openvpn 1.1 Aviatrix Openvpn 1.2 Aviatrix Openvpn 1.3 Aviatrix Openvpn 1.4 Aviatrix Openvpn 1.5 Aviatrix Openvpn 1.6 Aviatrix Openvpn 1.7 Aviatrix Openvpn 1.8 Aviatrix Openvpn 1.9 Aviatrix Openvpn 1.10.16 Aviatrix Openvpn 2.0.3 Aviatrix Openvpn 2.1.3 Aviatrix Openvpn 2.2.10 Aviatrix Openvpn 2.3.10 Aviatrix Openvpn 2.4.10 Aviatrix Openvpn 2.5.7	18

Summary

Vulnerable Configurations

References