Amazon AWS Client VPN has a buffer overflow that could potentially allow a local actor to execute arbitrary commands with elevated permissions. This is resolved in 3.11.1 on Windows, 3.9.1 on macOS, and 3.12.1 on Linux. NOTE: although the macOS resolution is the same as for CVE-2024-30165, this vulnerability on macOS is not the same as CVE-2024-30165.
References
Configurations
No configuration.
History
03 Jul 2024, 01:53
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-120 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.7 |
29 May 2024, 13:02
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
28 May 2024, 17:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-05-28 17:15
Updated : 2024-07-03 01:53
NVD link : CVE-2024-30164
Mitre link : CVE-2024-30164
CVE.ORG link : CVE-2024-30164
JSON object : View
Products Affected
No product.
CWE
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')