1. CVE-Search
  2. CVE-2020-13417
ID CVE-2020-13417
Summary An Elevation of Privilege issue was discovered in Aviatrix VPN Client before 2.10.7, because of an incomplete fix for CVE-2020-7224. This affects Linux, macOS, and Windows installations for certain OpenSSL parameters.
References
Vulnerable Configurations
  • cpe:2.3:a:aviatrix:controller:2.5:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:controller:2.5:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:controller:2.6:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:controller:2.6:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:controller:2.7:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:controller:2.7:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:controller:3.0:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:controller:3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:controller:3.1:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:controller:3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:controller:3.2:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:controller:3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:controller:3.3:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:controller:3.3:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:controller:3.4:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:controller:3.4:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:controller:3.5:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:controller:3.5:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:controller:4.0:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:controller:4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:controller:4.1.914:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:controller:4.1.914:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:controller:4.1.946:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:controller:4.1.946:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:controller:4.2.634:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:controller:4.2.634:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:controller:4.2.740:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:controller:4.2.740:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:controller:4.2.764:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:controller:4.2.764:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:controller:4.3.1230:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:controller:4.3.1230:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:controller:4.3.1262:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:controller:4.3.1262:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:controller:4.3.1275:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:controller:4.3.1275:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:controller:4.6.587:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:controller:4.6.587:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:controller:4.7.378:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:controller:4.7.378:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:controller:4.7.419:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:controller:4.7.419:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:controller:4.7.473:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:controller:4.7.473:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:controller:4.7.494:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:controller:4.7.494:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:controller:4.7.501:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:controller:4.7.501:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:controller:4.7.581:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:controller:4.7.581:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:controller:4.7.590:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:controller:4.7.590:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:controller:5.0.2667:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:controller:5.0.2667:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:controller:5.0.2754:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:controller:5.0.2754:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:controller:5.0.2768:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:controller:5.0.2768:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:controller:5.0.2773:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:controller:5.0.2773:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:controller:5.0.2782:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:controller:5.0.2782:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:controller:5.1.842:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:controller:5.1.842:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:controller:5.1.845:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:controller:5.1.845:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:controller:5.1.935:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:controller:5.1.935:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:controller:5.1.943:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:controller:5.1.943:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:controller:5.1.962:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:controller:5.1.962:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:controller:5.1.969:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:controller:5.1.969:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:controller:5.1.973:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:controller:5.1.973:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:controller:5.1.989:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:controller:5.1.989:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:controller:5.1.1016:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:controller:5.1.1016:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:controller:5.1.1183:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:controller:5.1.1183:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:controller:5.2.1991:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:controller:5.2.1991:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:controller:5.2.2011:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:controller:5.2.2011:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:controller:5.2.2047:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:controller:5.2.2047:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:controller:5.2.2071:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:controller:5.2.2071:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:controller:5.2.2092:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:controller:5.2.2092:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:controller:5.2.2122:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:controller:5.2.2122:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:gateway:*:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:gateway:*:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:vpn_client:-:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:vpn_client:-:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:vpn_client:1.0:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:vpn_client:1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:vpn_client:1.1:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:vpn_client:1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:vpn_client:1.2:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:vpn_client:1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:vpn_client:1.3:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:vpn_client:1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:vpn_client:1.4:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:vpn_client:1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:vpn_client:1.5:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:vpn_client:1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:vpn_client:1.6:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:vpn_client:1.6:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:vpn_client:1.7:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:vpn_client:1.7:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:vpn_client:1.8:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:vpn_client:1.8:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:vpn_client:1.9:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:vpn_client:1.9:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:vpn_client:1.10.6:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:vpn_client:1.10.6:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:vpn_client:2.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:vpn_client:2.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:vpn_client:2.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:vpn_client:2.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:vpn_client:2.2.10:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:vpn_client:2.2.10:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:vpn_client:2.3.10:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:vpn_client:2.3.10:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:vpn_client:2.4.10:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:vpn_client:2.4.10:*:*:*:*:*:*:*
  • cpe:2.3:a:aviatrix:vpn_client:2.5.7:*:*:*:*:*:*:*
    cpe:2.3:a:aviatrix:vpn_client:2.5.7:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 16-09-2021 - 13:44)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
misc
Last major update 16-09-2021 - 13:44
Published 22-05-2020 - 21:15
Last modified 16-09-2021 - 13:44
Back to Top