Amazon

Aws Client Vpn

4 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.7

CVE-2024-30164

  • EPSS 0.04%
  • Veröffentlicht 28.05.2024 17:15:10
  • Zuletzt bearbeitet 21.11.2024 09:11:20

Amazon AWS Client VPN has a buffer overflow that could potentially allow a local actor to execute arbitrary commands with elevated permissions. This is resolved in 3.11.1 on Windows, 3.9.1 on macOS, and 3.12.1 on Linux. NOTE: although the macOS resol...

7.1

CVE-2024-30165

  • EPSS 0.12%
  • Veröffentlicht 28.05.2024 17:15:10
  • Zuletzt bearbeitet 21.11.2024 09:11:20

Amazon AWS Client VPN before 3.9.1 on macOS has a buffer overflow that could potentially allow a local actor to execute arbitrary commands with elevated permissions, a different vulnerability than CVE-2024-30164.

7

CVE-2022-25165

Exploit
  • EPSS 1.64%
  • Veröffentlicht 14.04.2022 16:15:08
  • Zuletzt bearbeitet 21.11.2024 06:51:44

An issue was discovered in Amazon AWS VPN Client 2.0.0. A TOCTOU race condition exists during the validation of VPN configuration files. This allows parameters outside of the AWS VPN Client allow list to be injected into the configuration file prior ...

5

CVE-2022-25166

Exploit
  • EPSS 1.08%
  • Veröffentlicht 14.04.2022 16:15:08
  • Zuletzt bearbeitet 21.11.2024 06:51:44

An issue was discovered in Amazon AWS VPN Client 2.0.0. It is possible to include a UNC path in the OpenVPN configuration file when referencing file paths for parameters (such as auth-user-pass). When this file is imported and the client attempts to ...