Aviatrix: >> Vpn Client >> 2.8.2 Security Vulnerabilities
Aviatrix VPN Client before 2.14.14 on Windows has an unquoted search path that enables local privilege escalation to the SYSTEM user, if the machine is misconfigured to allow unprivileged users to write to directories that are supposed to be restricted to administrators.
CVSS Score
7.8
EPSS Score
0.0
Published
2021-04-29
An issue was discovered in Aviatrix Controller before 5.4.1204. There is a Observable Response Discrepancy from the API, which makes it easier to perform user enumeration via brute force.
CVSS Score
5.3
EPSS Score
0.004
Published
2020-05-22
An Elevation of Privilege issue was discovered in Aviatrix VPN Client before 2.10.7, because of an incomplete fix for CVE-2020-7224. This affects Linux, macOS, and Windows installations for certain OpenSSL parameters.
CVSS Score
9.8
EPSS Score
0.012
Published
2020-05-22