Vulnerabilities > Aviatrix
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-05-22 | CVE-2020-13417 | Unspecified vulnerability in Aviatrix Controller, Gateway and VPN Client An Elevation of Privilege issue was discovered in Aviatrix VPN Client before 2.10.7, because of an incomplete fix for CVE-2020-7224. | 7.5 |
| 2020-05-22 | CVE-2020-13416 | Cross-Site Request Forgery (CSRF) vulnerability in Aviatrix Controller An issue was discovered in Aviatrix Controller before 5.4.1066. | 4.3 |
| 2020-05-22 | CVE-2020-13415 | Improper Verification of Cryptographic Signature vulnerability in Aviatrix Controller An issue was discovered in Aviatrix Controller through 5.1. | 5.0 |
| 2020-05-22 | CVE-2020-13414 | Use of Hard-coded Credentials vulnerability in Aviatrix Controller An issue was discovered in Aviatrix Controller before 5.4.1204. | 5.0 |
| 2020-05-22 | CVE-2020-13413 | Information Exposure Through Discrepancy vulnerability in Aviatrix Controller An issue was discovered in Aviatrix Controller before 5.4.1204. | 5.0 |
| 2020-05-22 | CVE-2020-13412 | Cross-Site Request Forgery (CSRF) vulnerability in Aviatrix Controller An issue was discovered in Aviatrix Controller before 5.4.1204. | 6.8 |
| 2020-04-16 | CVE-2020-7224 | Unspecified vulnerability in Aviatrix Openvpn The Aviatrix OpenVPN client through 2.5.7 on Linux, macOS, and Windows is vulnerable when OpenSSL parameters are altered from the issued value set; the parameters could allow unauthorized third-party libraries to load. | 7.5 |
| 2019-12-05 | CVE-2019-17388 | Incorrect Permission Assignment for Critical Resource vulnerability in Aviatrix VPN Client Weak file permissions applied to the Aviatrix VPN Client through 2.2.10 installation directory on Windows and Linux allow a local attacker to execute arbitrary code by gaining elevated privileges through file modifications. | 7.2 |
| 2019-12-05 | CVE-2019-17387 | Unspecified vulnerability in Aviatrix VPN Client An authentication flaw in the AVPNC_RP service in Aviatrix VPN Client through 2.2.10 allows an attacker to gain elevated privileges through arbitrary code execution on Windows, Linux, and macOS. | 7.2 |