An authentication flaw in the AVPNC_RP service in Aviatrix VPN Client through 2.2.10 allows an attacker to gain elevated privileges through arbitrary code execution on Windows, Linux, and macOS.
References
Link | Resource |
---|---|
https://docs.aviatrix.com/HowTos/UCC_Release_Notes.html | Release Notes Vendor Advisory |
https://immersivelabs.com/2019/12/04/aviatrix-vpn-client-vulnerability/ | Exploit Third Party Advisory |
https://immersivelabs.com/blog/ | Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
08 Sep 2021, 17:22
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:* |
Information
Published : 2019-12-05 18:15
Updated : 2024-02-04 20:39
NVD link : CVE-2019-17387
Mitre link : CVE-2019-17387
CVE.ORG link : CVE-2019-17387
JSON object : View
Products Affected
apple
- macos
microsoft
- windows
aviatrix
- vpn_client
linux
- linux_kernel
CWE