Gateway

gateway

Vendor: Aviatrix • 3 CVEs

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-38368 1Aviatrix 1Gateway Nov 21, 2024 Aug 15, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 An issue was discovered in Aviatrix Gateway before 6.6.5712 and 6.7.x before 6.7.1376. Because Gateway API functions mishandle authentication, an authenticated VPN user can inject arbitrary commands.
CVE-2020-13417 1Aviatrix 3Controller GatewayVpn Client Nov 21, 2024 May 22, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An Elevation of Privilege issue was discovered in Aviatrix VPN Client before 2.10.7, because of an incomplete fix for CVE-2020-7224. This affects Linux, macOS, and Windows installations for certain OpenSSL parameters.
CVE-2020-13414 1Aviatrix 2Controller Gateway Nov 21, 2024 May 22, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 An issue was discovered in Aviatrix Controller before 5.4.1204. It contains credentials unused by the software.