CVE-2020-7224 — Vulnetix

CVE-2020-7224 PUBLISHED CVSS 7.5 HIGH

The Aviatrix OpenVPN client through 2.5.7 on Linux, macOS, and Windows is vulnerable when OpenSSL parameters are altered from the issued value set; the parameters could allow unauthorized third-party libraries to load.

EPSS 0.62% · 70.5th percentile

Risk Scores

CVSS v2.0

7.5

EPSS Score

0.62%

70.5th percentile

Affected Products

Vendor	Product	Versions
aviatrix	openvpn	0
n/a	n/a	*

Timeline

Apr 16, 2020 CVE Published
Apr 14, 2021 EPSS Score
Jun 22, 2021 EPSS Score
Aug 24, 2021 EPSS Score
Dec 27, 2021 EPSS Score
Jan 6, 2022 EPSS Score
Feb 4, 2022 EPSS Score
Feb 27, 2022 EPSS Score
Apr 1, 2022 EPSS Score
May 1, 2022 EPSS Score
Sep 4, 2022 EPSS Score
Nov 5, 2022 EPSS Score

References

https://docs.aviatrix.com/HowTos/security_bulletin_article.html url
https://docs.aviatrix.com/#security-bulletin url
https://docs.aviatrix.com/HowTos/security_bulletin_article.html#article-avxsb-00001 url
https://nvd.nist.gov/vuln/detail/CVE-2020-7224 advisory

Open in Interactive Console →