Data Exposure Vulnerability in Aviatrix Controller by Aviatrix
CVE-2020-26551

7.5HIGH

Key Information:

Vendor: Aviatrix
Status: Controller
Vendor: CVE Published:; 17 November 2020

Summary

A vulnerability exists in the Aviatrix Controller that allows encrypted key values to be stored in a file that is readable by unauthorized users. This exposure could potentially lead to sensitive data being compromised. Organizations using affected versions must take prompt action to mitigate risks associated with this vulnerability.

References

https://www.criticalstart.com/multiple-vulnerabilities-di...

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 17, 2020
Vulnerability Reserved
Oct 4, 2020