Skip to main content

Controller

33 CVEs product

Monthly

CVE-2025-36017 MEDIUM This Month

IBM Controller 11.1.0 through 11.1.1 and IBM Cognos Controller 11.0.0 through 11.0.1 FP6 stores unencrypted sensitive information in environmental variables files which can be obtained by an authenticated user.

IBM Information Disclosure Controller
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-36015 MEDIUM This Month

IBM Controller 11.1.0 through 11.1.1 and IBM Cognos Controller 11.0.0 through 11.0.1 FP6 could allow an authenticated user to cause a denial of service due to improper validation of a specified quantity size input.

IBM Denial Of Service Controller Cognos Controller
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-33111 MEDIUM This Month

IBM Controller 11.1.0 through 11.1.1 and IBM Cognos Controller 11.0.0 through 11.0.1 FP6 is vulnerable to creation of temporary files without atomic operations which may expose sensitive information to an authenticated user due to race condition attacks.

IBM Information Disclosure Controller Cognos Controller
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-36326 LOW Monitor

IBM Cognos Controller 11.0.0 through 11.0.1, and IBM Controller 11.1.0 through 11.1.1 could allow an attacker to obtain sensitive information due to the use of hardcoded cryptographic keys for. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

IBM Information Disclosure Cognos Controller Controller
NVD
CVSS 3.1
3.7
EPSS
0.0%
CVE-2025-33079 MEDIUM This Month

IBM Controller 11.0.0, 11.0.1, and 11.1.0 application could allow an authenticated user to obtain sensitive credentials that may be inadvertently included within the source code. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure IBM Cognos Controller Controller
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2022-39163 MEDIUM This Month

IBM Cognos Controller 11.0.0 through 11.1.0 is vulnerable to a Client-Side Desync (CSD) attack where an attacker could exploit a desynchronized browser connection that could lead to further. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

IBM Request Smuggling XSS Cognos Controller Controller
NVD
CVSS 3.1
4.7
EPSS
0.2%
CVE-2024-41778 MEDIUM This Month

IBM Controller 11.0.0 through 11.0.1 and 11.1.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.

Brute Force IBM Information Disclosure Controller
NVD
CVSS 3.1
5.3
EPSS
0.1%
CVE-2023-47160 HIGH This Week

IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XXE IBM Cognos Controller Controller
NVD
CVSS 3.1
8.2
EPSS
0.2%
CVE-2024-45084 HIGH This Week

IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 could allow an authenticated attacker to conduct formula injection. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Code Injection Cognos Controller Controller
NVD
CVSS 3.1
8.0
EPSS
0.1%
CVE-2024-45081 MEDIUM This Month

IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 could allow an authenticated user to modify restricted content due to incorrect authorization checks. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Authentication Bypass Cognos Controller Controller
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2024-28780 MEDIUM This Month

IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 Rich Client uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure IBM Cognos Controller Controller
NVD
CVSS 3.1
5.9
EPSS
0.0%
CVE-2024-28777 HIGH This Week

IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 is vulnerable to unrestricted deserialization. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM RCE Deserialization Denial Of Service Cognos Controller +1
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2024-28776 MEDIUM This Month

IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM XSS Cognos Controller Controller
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2024-52902 HIGH This Week

IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 client application contains hard coded database passwords in source code which could be used for unauthorized access to the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Authentication Bypass Cognos Controller Controller
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2024-50603 CRITICAL POC KEV THREAT Emergency

Aviatrix Controller before 7.1.4191 and 7.2.x before 7.2.4996 contains an OS command injection via improper neutralization of special elements in the /v1/api endpoint, allowing unauthenticated remote code execution.

RCE Command Injection Controller
NVD
CVSS 3.1
10.0
EPSS
94.4%
Threat
7.8
CVE-2024-40702 HIGH This Month

IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 could allow an unauthorized user to obtain valid tokens to gain access to protected resources due to improper certificate. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass IBM Cognos Controller Controller
NVD
CVSS 3.1
8.2
EPSS
0.1%
CVE-2024-28778 MEDIUM This Month

IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 is vulnerable to exposure of Artifactory API keys. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass IBM Cognos Controller Controller
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2024-25037 MEDIUM Monitor

IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 could allow a remote attacker to obtain sensitive information when a stack trace is returned in the browser. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Information Disclosure Cognos Controller Controller
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2022-22363 MEDIUM This Month

IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Information Disclosure Cognos Controller Controller
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2021-20455 LOW Monitor

IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

IBM Information Disclosure Cognos Controller Controller
NVD
CVSS 3.1
3.7
EPSS
0.0%
CVE-2021-40870 CRITICAL POC KEV THREAT Act Now

An issue was discovered in Aviatrix Controller 6.x before 6.5-1804.1922. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Path Traversal File Upload Controller
NVD
CVSS 3.1
9.8
EPSS
93.0%
CVE-2020-26553 CRITICAL POC Act Now

An issue was discovered in Aviatrix Controller before R6.0.2483. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Controller
NVD
CVSS 3.1
9.8
EPSS
1.7%
CVE-2020-26552 HIGH POC This Week

An issue was discovered in Aviatrix Controller before R6.0.2483. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Controller
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2020-26551 HIGH POC This Week

An issue was discovered in Aviatrix Controller before R5.3.1151. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Controller
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2020-26550 HIGH POC This Week

An issue was discovered in Aviatrix Controller before R5.3.1151. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Controller
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2020-26549 HIGH POC This Week

An issue was discovered in Aviatrix Controller before R5.4.1290. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Information Disclosure Controller
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2020-26548 HIGH POC This Week

An issue was discovered in Aviatrix Controller before R5.4.1290. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Controller
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2020-13417 CRITICAL POC Act Now

An Elevation of Privilege issue was discovered in Aviatrix VPN Client before 2.10.7, because of an incomplete fix for CVE-2020-7224. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure OpenSSL Microsoft Apple Controller +2
NVD
CVSS 3.1
9.8
EPSS
2.3%
CVE-2020-13416 MEDIUM This Month

An issue was discovered in Aviatrix Controller before 5.4.1066. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Controller
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2020-13415 HIGH POC This Week

An issue was discovered in Aviatrix Controller through 5.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Jwt Attack Controller
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2020-13414 HIGH POC This Week

An issue was discovered in Aviatrix Controller before 5.4.1204. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Controller Gateway
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2020-13413 MEDIUM POC This Month

An issue was discovered in Aviatrix Controller before 5.4.1204. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Controller Vpn Client
NVD
CVSS 3.1
5.3
EPSS
1.4%
CVE-2020-13412 HIGH This Week

An issue was discovered in Aviatrix Controller before 5.4.1204. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Controller
NVD
CVSS 3.1
8.8
EPSS
0.6%
EPSS 0% CVSS 6.5
MEDIUM This Month

IBM Controller 11.1.0 through 11.1.1 and IBM Cognos Controller 11.0.0 through 11.0.1 FP6 stores unencrypted sensitive information in environmental variables files which can be obtained by an authenticated user.

IBM Information Disclosure Controller
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

IBM Controller 11.1.0 through 11.1.1 and IBM Cognos Controller 11.0.0 through 11.0.1 FP6 could allow an authenticated user to cause a denial of service due to improper validation of a specified quantity size input.

IBM Denial Of Service Controller +1
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

IBM Controller 11.1.0 through 11.1.1 and IBM Cognos Controller 11.0.0 through 11.0.1 FP6 is vulnerable to creation of temporary files without atomic operations which may expose sensitive information to an authenticated user due to race condition attacks.

IBM Information Disclosure Controller +1
NVD
EPSS 0% CVSS 3.7
LOW Monitor

IBM Cognos Controller 11.0.0 through 11.0.1, and IBM Controller 11.1.0 through 11.1.1 could allow an attacker to obtain sensitive information due to the use of hardcoded cryptographic keys for. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

IBM Information Disclosure Cognos Controller +1
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

IBM Controller 11.0.0, 11.0.1, and 11.1.0 application could allow an authenticated user to obtain sensitive credentials that may be inadvertently included within the source code. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure IBM Cognos Controller +1
NVD
EPSS 0% CVSS 4.7
MEDIUM This Month

IBM Cognos Controller 11.0.0 through 11.1.0 is vulnerable to a Client-Side Desync (CSD) attack where an attacker could exploit a desynchronized browser connection that could lead to further. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

IBM Request Smuggling XSS +2
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

IBM Controller 11.0.0 through 11.0.1 and 11.1.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.

Brute Force IBM Information Disclosure +1
NVD
EPSS 0% CVSS 8.2
HIGH This Week

IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XXE IBM Cognos Controller +1
NVD
EPSS 0% CVSS 8.0
HIGH This Week

IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 could allow an authenticated attacker to conduct formula injection. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Code Injection Cognos Controller +1
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 could allow an authenticated user to modify restricted content due to incorrect authorization checks. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Authentication Bypass Cognos Controller +1
NVD
EPSS 0% CVSS 5.9
MEDIUM This Month

IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 Rich Client uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure IBM Cognos Controller +1
NVD
EPSS 1% CVSS 8.8
HIGH This Week

IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 is vulnerable to unrestricted deserialization. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM RCE Deserialization +3
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM XSS Cognos Controller +1
NVD
EPSS 0% CVSS 8.8
HIGH This Week

IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 client application contains hard coded database passwords in source code which could be used for unauthorized access to the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Authentication Bypass Cognos Controller +1
NVD
EPSS 94% 7.8 CVSS 10.0
CRITICAL POC KEV THREAT Emergency

Aviatrix Controller before 7.1.4191 and 7.2.x before 7.2.4996 contains an OS command injection via improper neutralization of special elements in the /v1/api endpoint, allowing unauthenticated remote code execution.

RCE Command Injection Controller
NVD
EPSS 0% CVSS 8.2
HIGH This Month

IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 could allow an unauthorized user to obtain valid tokens to gain access to protected resources due to improper certificate. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass IBM Cognos Controller +1
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 is vulnerable to exposure of Artifactory API keys. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass IBM Cognos Controller +1
NVD
EPSS 0% CVSS 4.3
MEDIUM Monitor

IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 could allow a remote attacker to obtain sensitive information when a stack trace is returned in the browser. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Information Disclosure Cognos Controller +1
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Information Disclosure Cognos Controller +1
NVD
EPSS 0% CVSS 3.7
LOW Monitor

IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

IBM Information Disclosure Cognos Controller +1
NVD
EPSS 93% CVSS 9.8
CRITICAL POC KEV THREAT Act Now

An issue was discovered in Aviatrix Controller 6.x before 6.5-1804.1922. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Path Traversal File Upload +1
NVD
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

An issue was discovered in Aviatrix Controller before R6.0.2483. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Controller
NVD
EPSS 1% CVSS 7.5
HIGH POC This Week

An issue was discovered in Aviatrix Controller before R6.0.2483. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Controller
NVD
EPSS 1% CVSS 7.5
HIGH POC This Week

An issue was discovered in Aviatrix Controller before R5.3.1151. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Controller
NVD
EPSS 1% CVSS 7.5
HIGH POC This Week

An issue was discovered in Aviatrix Controller before R5.3.1151. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Controller
NVD
EPSS 1% CVSS 7.5
HIGH POC This Week

An issue was discovered in Aviatrix Controller before R5.4.1290. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Information Disclosure Controller
NVD
EPSS 1% CVSS 8.8
HIGH POC This Week

An issue was discovered in Aviatrix Controller before R5.4.1290. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Controller
NVD
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

An Elevation of Privilege issue was discovered in Aviatrix VPN Client before 2.10.7, because of an incomplete fix for CVE-2020-7224. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure OpenSSL Microsoft +4
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

An issue was discovered in Aviatrix Controller before 5.4.1066. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Controller
NVD
EPSS 1% CVSS 7.5
HIGH POC This Week

An issue was discovered in Aviatrix Controller through 5.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Jwt Attack Controller
NVD
EPSS 1% CVSS 7.5
HIGH POC This Week

An issue was discovered in Aviatrix Controller before 5.4.1204. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Controller Gateway
NVD
EPSS 1% CVSS 5.3
MEDIUM POC This Month

An issue was discovered in Aviatrix Controller before 5.4.1204. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Controller Vpn Client
NVD
EPSS 1% CVSS 8.8
HIGH This Week

An issue was discovered in Aviatrix Controller before 5.4.1204. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Controller
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy