CVE-2020-7224
First published: Thu Apr 16 2020(Updated: )
The Aviatrix OpenVPN client through 2.5.7 on Linux, macOS, and Windows is vulnerable when OpenSSL parameters are altered from the issued value set; the parameters could allow unauthorized third-party libraries to load.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Aviatrix OpenVPN | <=2.5.7 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this Aviatrix OpenVPN client vulnerability?
The vulnerability ID for this Aviatrix OpenVPN client vulnerability is CVE-2020-7224.
What is the severity of CVE-2020-7224?
CVE-2020-7224 has a severity rating of 9.8 (critical).
Which operating systems are affected by CVE-2020-7224?
CVE-2020-7224 affects Linux, macOS, and Windows operating systems.
How can unauthorized third-party libraries load due to this vulnerability?
Unauthorized third-party libraries can load due to altered OpenSSL parameters from the issued value set.
How can I fix CVE-2020-7224?
To fix CVE-2020-7224, update the Aviatrix OpenVPN client to version 2.5.7 or later.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/author
- agent/last-modified-date
- agent/severity
- agent/tags
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- vendor/aviatrix
- canonical/aviatrix openvpn
- version/aviatrix openvpn/2.5.7