5
CVSSv2

CVE-2020-13413

Published: 22/05/2020 Updated: 26/05/2020
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

An issue exists in Aviatrix Controller prior to 5.4.1204. There is a Observable Response Discrepancy from the API, which makes it easier to perform user enumeration via brute force.

Vulnerability Trend

Affected Products

Vendor Product Versions
AviatrixController2.5, 2.6, 2.7, 3.0, 3.1, 3.2, 3.3, 3.4, 3.5, 4.0, 4.1.914, 4.1.946, 4.2.634, 4.2.740, 4.2.764, 4.3.1230, 4.3.1262, 4.3.1275, 4.6.587, 4.7.378, 4.7.419, 4.7.473, 4.7.494, 4.7.501, 4.7.581, 4.7.590, 5.0.2667, 5.0.2754, 5.0.2768, 5.0.2773, 5.0.2782, 5.1.842, 5.1.845, 5.1.935, 5.1.943, 5.1.962, 5.1.969, 5.1.973, 5.1.989, 5.1.1016, 5.1.1183, 5.2.1991, 5.2.2011, 5.2.2047, 5.2.2071, 5.2.2092, 5.2.2122, 5.3.1391, 5.3.1399, 5.3.1428, 5.3.1468, 5.3.1491, 5.3.1499, 5.3.1516, 5.3.1524, 5.4.1066, 5.4.1074, 5.4.1140, 5.4.1201