Описание
Interactive service agent in OpenVPN version 2.5.0 through 2.6.16 and 2.7_alpha1 through 2.7_rc2 on Windows allows a local authenticated user to connect to the service and trigger an error causing a local denial of service.
A flaw was found in OpenVPN. This vulnerability allows a local denial of service via a local authenticated user connecting to the interactive service agent on Windows and triggering an error.
Отчет
This vulnerability is rated Low for Red Hat. The flaw affects the interactive service agent in OpenVPN on Windows, allowing a local authenticated user to trigger a denial of service. Red Hat's OpenVPN packages are typically deployed on Linux systems and do not include the Windows-specific interactive service agent, therefore No Red Hat products or offerings are affected by this vulnerability.
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
Ссылки на источники
Дополнительная информация
Статус:
EPSS
5.5 Medium
CVSS3
Связанные уязвимости
Interactive service agent in OpenVPN version 2.5.0 through 2.6.16 and 2.7_alpha1 through 2.7_rc2 on Windows allows a local authenticated user to connect to the service and trigger an error causing a local denial of service.
Interactive service agent in OpenVPN version 2.5.0 through 2.6.16 and ...
Interactive service agent in OpenVPN version 2.5.0 through 2.7_rc2 on Windows allows a local authenticated user to connect to the service and trigger an error causing a local denial of service.
Уязвимость программного обеспечения OpenVPN, связанная с неограниченным распределением ресурсов, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
5.5 Medium
CVSS3