Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
freebsdFreeBSD45A72180-A640-11EC-A08B-85298243E224
HistoryMar 10, 2022 - 12:00 a.m.

openvpn -- Potential authentication by-pass with multiple deferred authentication plug-ins

2022-03-1000:00:00
vuxml.freebsd.org
14

0.005 Low

EPSS

Percentile

76.4%

JSON

David Sommerseth reports:

OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials. This issue is resolved in OpenVPN 2.4.12 and v2.5.6.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchopenvpn< 2.5.6UNKNOWN
FreeBSDanynoarchopenvpn-mbedtls< 2.5.6UNKNOWN

Related

suse 2
redos 1
veracode 1
openvas 12
fedora 3
nessus 10
osv 3
debiancve 1
mageia 1
cloudlinux 1
cve 1
ubuntu 1
alpinelinux 1
prion 1
cvelist 1
amazon 1
altlinux 2
ubuntucve 1
debian 1
ibm 1
ics 2
suse
suse
Security update for openvpn (important)
2022-03-29 00:00:00
Security update for openvpn (moderate)
2022-06-03 00:00:00
redos
redos
ROS-20220329-03
2022-03-29 00:00:00
veracode
veracode
Access-Control Bypass
2022-03-26 07:55:18
openvas
openvas
Fedora: Security Advisory for openvpn (FEDORA-2022-a9bd17092d)
2022-03-23 00:00:00
Fedora: Security Advisory for openvpn (FEDORA-2022-cb4c1146dc)
2022-03-27 00:00:00
openSUSE: Security Advisory for openvpn (openSUSE-SU-2022:1029-1)
2022-03-30 00:00:00
fedora
fedora
[SECURITY] Fedora 34 Update: openvpn-2.5.6-1.fc34
2022-03-24 14:53:13
[SECURITY] Fedora 36 Update: openvpn-2.5.6-1.fc36
2022-03-26 15:53:41
[SECURITY] Fedora 35 Update: openvpn-2.5.6-1.fc35
2022-03-17 15:49:05
nessus
nessus
Amazon Linux AMI : openvpn (ALAS-2023-1719)
2023-04-06 00:00:00
FreeBSD : openvpn -- Potential authentication by-pass with multiple deferred authentication plug-ins (45a72180-a640-11ec-a08b-85298243e224)
2022-03-17 00:00:00
SUSE SLES11 Security Update : openvpn-openssl1 (SUSE-SU-2022:14937-1)
2022-04-07 00:00:00
osv
osv
CVE-2022-0547
2022-03-18 18:15:12
openvpn vulnerability
2022-03-24 12:13:58
openvpn - security update
2022-05-03 00:00:00
debiancve
debiancve
CVE-2022-0547
2022-03-18 18:15:00
mageia
mageia
Updated openvpn packages fix security vulnerability
2022-03-30 20:06:56
cloudlinux
cloudlinux
Fix of CVE: CVE-2022-0547
2022-04-05 15:03:38
cve
cve
CVE-2022-0547
2022-03-18 18:15:00
ubuntu
ubuntu
OpenVPN vulnerability
2022-03-24 00:00:00
alpinelinux
alpinelinux
CVE-2022-0547
2022-03-18 18:15:00
prion
prion
Authentication flaw
2022-03-18 18:15:00
cvelist
cvelist
CVE-2022-0547
2022-03-18 18:00:20
amazon
amazon
Low: openvpn
2023-03-30 22:50:00
altlinux
altlinux
Security fix for the ALT Linux 9 package openvpn version 2.5.6-alt1
2022-09-28 00:00:00
Security fix for the ALT Linux 10 package openvpn version 2.5.6-alt1
2022-05-24 00:00:00
ubuntucve
ubuntucve
CVE-2022-0547
2022-03-18 00:00:00
debian
debian
[SECURITY] [DLA 2992-1] openvpn security update
2022-05-03 12:18:30
ibm
ibm
Security Bulletin: IBM MaaS360 Cloud Extender Agent, Mobile Enterprise Gateway and VPN module have multiple vulnerabilities (CVE-2021-22060, CVE-2022-22950, CVE-2022-0547, CVE-2022-0778, CVE-2022-22965)
2022-06-06 18:27:01
ics
ics
​Siemens SINAMICS Medium Voltage Products
2023-06-15 12:00:00
Siemens SCALANCE, RUGGEDCOM Third-Party
2023-03-16 12:00:00

0.005 Low

EPSS

Percentile

76.4%

JSON
Related for 45A72180-A640-11EC-A08B-85298243E224
suse2redos1veracode1openvas12fedora3nessus10osv3debiancve1mageia1cloudlinux1cve1ubuntu1alpinelinux1prion1cvelist1amazon1altlinux2ubuntucve1debian1ibm1ics2