Aviatrix: >> Gateway >> 2.5 Security Vulnerabilities
An issue was discovered in Aviatrix Gateway before 6.6.5712 and 6.7.x before 6.7.1376. Because Gateway API functions mishandle authentication, an authenticated VPN user can inject arbitrary commands.
CVSS Score
8.8
EPSS Score
0.003
Published
2022-08-15
An issue was discovered in Aviatrix Controller before 5.4.1204. It contains credentials unused by the software.
CVSS Score
7.5
EPSS Score
0.006
Published
2020-05-22
An Elevation of Privilege issue was discovered in Aviatrix VPN Client before 2.10.7, because of an incomplete fix for CVE-2020-7224. This affects Linux, macOS, and Windows installations for certain OpenSSL parameters.
CVSS Score
9.8
EPSS Score
0.012
Published
2020-05-22