Описание
OpenVPN Access Server 2.8.7 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks.
Ссылки
- Vendor Advisory
- Release NotesVendor Advisory
- Vendor Advisory
- Release NotesVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.8.7 (включая)
cpe:2.3:a:openvpn:openvpn_access_server:*:*:*:*:*:*:*:*
EPSS
Процентиль: 22%
0.0007
Низкий
5.3 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-305
CWE-287
Связанные уязвимости
CVSS3: 5.3
github
больше 3 лет назад
OpenVPN Access Server 2.8.7 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks.
EPSS
Процентиль: 22%
0.0007
Низкий
5.3 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-305
CWE-287