Home / Early Warning / Vulnerabilidades / CVE-2020-13413

CVE-2020-13413

Type: 
Information Leak / Disclosure
Severity: 
Medium
Publication date: 
05/22/2020
Last modified: 
05/26/2020
Description
An issue was discovered in Aviatrix Controller before 5.4.1204. There is a Observable Response Discrepancy from the API, which makes it easier to perform user enumeration via brute force.
Impact
Access Vector: Through network
Access Complexity: Low
Authentication: Not required to exploit
Impact Type: No impact on system integrity + Partially affects on system confidentiality + No impact on system availability
Vulnerable software and versions
  • cpe:2.3:a:aviatrix:controller:*:*:*:*:*:*:*:*
To consult the complete list of products and versions see this page
Explanation of fields