Vulnerabilities > Aviatrix > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-05-22 | CVE-2020-13414 | Use of Hard-coded Credentials vulnerability in Aviatrix Controller An issue was discovered in Aviatrix Controller before 5.4.1204. | 7.5 |
| 2020-05-22 | CVE-2020-13412 | Cross-Site Request Forgery (CSRF) vulnerability in Aviatrix Controller An issue was discovered in Aviatrix Controller before 5.4.1204. | 8.8 |
| 2019-12-05 | CVE-2019-17388 | Incorrect Permission Assignment for Critical Resource vulnerability in Aviatrix VPN Client Weak file permissions applied to the Aviatrix VPN Client through 2.2.10 installation directory on Windows and Linux allow a local attacker to execute arbitrary code by gaining elevated privileges through file modifications. | 7.8 |
| 2019-12-05 | CVE-2019-17387 | Unspecified vulnerability in Aviatrix VPN Client An authentication flaw in the AVPNC_RP service in Aviatrix VPN Client through 2.2.10 allows an attacker to gain elevated privileges through arbitrary code execution on Windows, Linux, and macOS. | 7.8 |