CVE-2017-7478

Опубликовано: 15 мая 2017

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

OpenVPN version 2.3.12 and newer is vulnerable to unauthenticated Denial of Service of server via received large control packet. Note that this issue is fixed in 2.3.15 and 2.4.2.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:openvpn:openvpn:2.3.12:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.3.13:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.3.14:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.4.0:*:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.4.0:alpha2:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.4.0:beta1:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.4.0:beta2:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.4.0:rc1:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.4.0:rc2:*:*:*:*:*:*

cpe:2.3:a:openvpn:openvpn:2.4.1:*:*:*:*:*:*:*

EPSS

Процентиль: 91%

0.06902

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-617

CWE-20

Связанные уязвимости

CVE-2017-7478

CVSS3: 7.5

ubuntu

больше 8 лет назад

OpenVPN version 2.3.12 and newer is vulnerable to unauthenticated Denial of Service of server via received large control packet. Note that this issue is fixed in 2.3.15 and 2.4.2.

CVE-2017-7478

CVSS3: 7.5

debian

больше 8 лет назад

OpenVPN version 2.3.12 and newer is vulnerable to unauthenticated Deni ...

GHSA-3wwj-66cm-595v

CVSS3: 7.5

github

больше 3 лет назад

OpenVPN version 2.3.12 and newer is vulnerable to unauthenticated Denial of Service of server via received large control packet. Note that this issue is fixed in 2.3.15 and 2.4.2.

openSUSE-SU-2017:1638-1

suse-cvrf

больше 8 лет назад

Security update for openvpn

SUSE-SU-2017:1622-1

suse-cvrf

больше 8 лет назад

Security update for openvpn

EPSS

Процентиль: 91%

0.06902

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-617

CWE-20