cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2021-31776,https://securityvulnerability.io/vulnerability/CVE-2021-31776,Local Privilege Escalation in Aviatrix VPN Client on Windows,"The Aviatrix VPN Client for Windows prior to version 2.14.14 is susceptible to local privilege escalation due to an unquoted search path vulnerability. This flaw can be exploited by unprivileged users on misconfigured systems, potentially allowing them to write to directories intended solely for administrators, thereby escalating their privileges to the SYSTEM user level.",Aviatrix,Vpn Client,7.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2021-04-29T00:03:56.000Z,0
CVE-2020-13413,https://securityvulnerability.io/vulnerability/CVE-2020-13413,Observable Response Discrepancy in Aviatrix Controller by Aviatrix,"Aviatrix Controller before version 5.4.1204 is susceptible to an observable response discrepancy issue from the API. This flaw can facilitate user enumeration attacks through brute force techniques, allowing malicious actors to identify valid usernames by analyzing differences in response times or formats. Implementing timely updates is essential to mitigate this security concern.",Aviatrix,"Controller,Vpn Client",5.3,MEDIUM,0.0013099999632686377,false,,false,false,false,,,false,false,,2020-05-22T20:48:39.000Z,0
CVE-2020-13417,https://securityvulnerability.io/vulnerability/CVE-2020-13417,"Elevation of Privilege Vulnerability in Aviatrix VPN Client for Linux, macOS, and Windows","An Elevation of Privilege vulnerability was identified in the Aviatrix VPN Client prior to version 2.10.7, stemming from an incomplete remediation of a previous issue. This vulnerability impacts installations across Linux, macOS, and Windows platforms, specifically concerning certain OpenSSL parameters, potentially allowing attackers to gain unauthorized access.",Aviatrix,"Controller,Gateway,Vpn Client",9.8,CRITICAL,0.007819999940693378,false,,false,false,false,,,false,false,,2020-05-22T20:47:37.000Z,0
CVE-2019-17388,https://securityvulnerability.io/vulnerability/CVE-2019-17388,Weak File Permission in Aviatrix VPN Client allows Arbitrary Code Execution,"The Aviatrix VPN Client has been found to have weak file permissions in its installation directory on both Windows and Linux platforms. This flaw enables a local attacker to manipulate files, potentially allowing them to execute arbitrary code by gaining elevated privileges. Such vulnerabilities highlight the importance of implementing stringent permission controls to safeguard sensitive applications from unauthorized access and exploits.",Aviatrix,Vpn Client,7.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2019-12-05T17:08:39.000Z,0
CVE-2019-17387,https://securityvulnerability.io/vulnerability/CVE-2019-17387,Authentication Vulnerability in Aviatrix VPN Client Affects Multiple Platforms,"An authentication vulnerability exists in the AVPNC_RP service of the Aviatrix VPN Client that allows attackers to execute arbitrary code, leading to elevated privileges on systems running Windows, Linux, and macOS. This weakness potentially enables unauthorized access to sensitive information and control over the affected devices, emphasizing the urgency for users to update their software to the latest versions to mitigate associated risks.",Aviatrix,Vpn Client,7.8,HIGH,0.001339999958872795,false,,false,false,false,,,false,false,,2019-12-05T17:07:48.000Z,0