Amazon

Aws Client Vpn

4 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.7

CVE-2024-30164

  • EPSS 0.04%
  • Published 28.05.2024 17:15:10
  • Last modified 21.11.2024 09:11:20

Amazon AWS Client VPN has a buffer overflow that could potentially allow a local actor to execute arbitrary commands with elevated permissions. This is resolved in 3.11.1 on Windows, 3.9.1 on macOS, and 3.12.1 on Linux. NOTE: although the macOS resol...

7.1

CVE-2024-30165

  • EPSS 0.12%
  • Published 28.05.2024 17:15:10
  • Last modified 21.11.2024 09:11:20

Amazon AWS Client VPN before 3.9.1 on macOS has a buffer overflow that could potentially allow a local actor to execute arbitrary commands with elevated permissions, a different vulnerability than CVE-2024-30164.

7

CVE-2022-25165

Exploit
  • EPSS 1.64%
  • Published 14.04.2022 16:15:08
  • Last modified 21.11.2024 06:51:44

An issue was discovered in Amazon AWS VPN Client 2.0.0. A TOCTOU race condition exists during the validation of VPN configuration files. This allows parameters outside of the AWS VPN Client allow list to be injected into the configuration file prior ...

5

CVE-2022-25166

Exploit
  • EPSS 1.08%
  • Published 14.04.2022 16:15:08
  • Last modified 21.11.2024 06:51:44

An issue was discovered in Amazon AWS VPN Client 2.0.0. It is possible to include a UNC path in the OpenVPN configuration file when referencing file paths for parameters (such as auth-user-pass). When this file is imported and the client attempts to ...