CVE-2020-13413

An issue was discovered in Aviatrix Controller before 5.4.1204. There is a Observable Response Discrepancy from the API, which makes it easier to perform user enumeration via brute force.

Link	Resource
https://docs.aviatrix.com/HowTos/security_bulletin_article.html#observable-response-discrepancy-from-api	Vendor Advisory
https://www.criticalstart.com/multiple-vulnerabilities-discovered-in-aviatrix/	Exploit Third Party Advisory

Configuration 1

cpe:2.3:a:aviatrix:controller:*:*:*:*:*:*:*:* cpe:2.3:a:aviatrix:vpn_client:2.8.2:*:*:*:*:*:*:*

---

Published : 2020-05-22 09:15

Updated : 2021-12-01 01:33

---

NVD link : CVE-2020-13413

Mitre link : CVE-2020-13413

Aviatrix

Vpn Client

CWE-203