Lucene search
+L

63 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 8:8 p.m.8 views

CVE-2021-3824

OpenVPN Access Server 2.9.0 through 2.9.4 allow remote attackers to inject arbitrary web script or HTML via the web login page URL...

6.1CVSS6.9AI score0.00746EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/03/11 12:0 a.m.5 views

OpenVPN Access Server Detected

This is an informational notice that the scanner was able to detect an OpenVPN Access Server on the target server. Note that this detection is included in the Remote Access Tools category. No source data...

7.3AI score
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 3:57 a.m.4 views

SUSE CVE-2020-15077

OpenVPN Access Server 2.8.7 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks...

5.3CVSS6.1AI score0.01215EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:50 a.m.4 views

SUSE CVE-2020-36382

OpenVPN Access Server 2.7.3 to 2.8.7 allows remote attackers to trigger an assert during the user authentication phase via incorrect authentication token data in an early phase of the user authentication resulting in a denial of service...

7.5CVSS7.7AI score0.01891EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/07/06 8:15 p.m.7 views

CVE-2021-4234

OpenVPN Access Server 2.10 and prior versions are susceptible to resending multiple packets in a response to a reset packet sent from the client which the client again does not respond to, resulting in a limited amplification attack...

7.5CVSS7.2AI score0.0083EPSS
Exploits0References2
OSV
OSV
added 2022/07/06 8:15 p.m.4 views

CVE-2021-4234

OpenVPN Access Server 2.10 and prior versions are susceptible to resending multiple packets in a response to a reset packet sent from the client which the client again does not respond to, resulting in a limited amplification attack...

7.5CVSS5.8AI score0.0083EPSS
Exploits0References1
OSV
OSV
added 2022/07/06 4:15 p.m.5 views

CVE-2022-33738

OpenVPN Access Server before 2.11 uses a weak random generator used to create user session token for the web portal...

7.5CVSS5.8AI score0.00852EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/07/06 4:15 p.m.4 views

CVE-2022-33737

The OpenVPN Access Server installer creates a log file readable for everyone, which from version 2.10.0 and before 2.11.0 may contain a random generated admin password...

7.5CVSS5.8AI score0.00807EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/07/06 12:0 a.m.6 views

PT-2022-21853 · Openvpn · Openvpn Access Server

Name of the Vulnerable Software and Affected Versions: OpenVPN Access Server versions 2.10.0 through 2.10.x and versions prior to 2.11.0, can be simplified to: OpenVPN Access Server versions 2.10.0 through 2.11.0, but since 2.11.0 is not included, it is more accurate to say: OpenVPN Access Server...

7.5CVSS7.3AI score0.00807EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/07/06 12:0 a.m.8 views

OpenVPN 安全特征问题漏洞

OpenVPN is a software package for creating encrypted tunnels for virtual private networks VPNs from US-based OpenVPN, which uses the OpenSSL library to encrypt data and control information and allows created VPNs to be authenticated using a public key, e-certificate, or username/password. A...

7.5CVSS7.3AI score0.00852EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/07/06 12:0 a.m.9 views

OpenVPN 日志信息泄露漏洞

OpenVPN is a software package from US-based OpenVPN Inc. for creating encrypted tunnels for virtual private networks VPNs, which uses the OpenSSL library to encrypt data and control information, and allows created VPNs to be authenticated using public keys, electronic certificates, or...

7.5CVSS7.2AI score0.00807EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/07/06 12:0 a.m.5 views

OpenVPN 安全漏洞

OpenVPN is a software package for creating encrypted tunnels for Virtual Private Networks VPNs from US-based OpenVPN, which uses the OpenSSL library to encrypt data and control information, and allows created VPNs to be authenticated using public keys, electronic certificates, or...

7.5CVSS7.3AI score0.0083EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2022/05/20 10:58 p.m.43 views

CVE-2020-11462

An issue was discovered in OpenVPN Access Server before 2.7.0 and 2.8.x before 2.8.3. With the full featured RPC2 interface enabled, it is possible to achieve a temporary DoS state of the management interface when sending an XML Entity Expansion XEE payload to the XMLRPC based RPC2 interface. The...

7.5CVSS2.4AI score0.01251EPSS
Exploits0References1
NCSC
NCSC
added 2021/09/24 12:0 a.m.8 views

Vulnerability fixed in OpenVPN Access Server

The vulnerability allows an unauthenticated malicious person to opportunity to execute arbitrary code on the browser of the victim. To do this, the malicious party must trick the victim into to follow a rogue hyperlink. OpenVPN has released updates to fix the vulnerability. More information can b...

6.1CVSS7.6AI score0.00746EPSS
Exploits0
OSV
OSV
added 2021/09/23 3:15 p.m.4 views

CVE-2021-3824

OpenVPN Access Server 2.9.0 through 2.9.4 allow remote attackers to inject arbitrary web script or HTML via the web login page URL...

6.1CVSS5.9AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2021/09/23 3:15 p.m.4 views

CVE-2021-3824

OpenVPN Access Server 2.9.0 through 2.9.4 allow remote attackers to inject arbitrary web script or HTML via the web login page URL...

6.1CVSS6.6AI score0.00746EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/09/23 12:0 a.m.5 views

Openvpn OpenVPN 跨站脚本漏洞

Openvpn OpenVPN is a software package from OpenVPN Openvpn Inc. that creates encrypted virtual private network VPN tunnels that use the OpenSSL library to encrypt data and control information and allow the created VPN to be authenticated using a public key, an electronic certificate, or a...

6.1CVSS6AI score0.00746EPSS
Exploits0References1
OSV
OSV
added 2021/06/04 11:15 a.m.4 views

CVE-2020-15077

OpenVPN Access Server 2.8.7 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks...

5.3CVSS6.6AI score0.01215EPSS
Exploits0References2
OSV
OSV
added 2021/06/04 11:15 a.m.4 views

CVE-2020-36382

OpenVPN Access Server 2.7.3 to 2.8.7 allows remote attackers to trigger an assert during the user authentication phase via incorrect authentication token data in an early phase of the user authentication resulting in a denial of service...

7.5CVSS6.6AI score0.01891EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2021/06/04 11:15 a.m.4 views

CVE-2020-15077

OpenVPN Access Server 2.8.7 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks...

5.3CVSS6.2AI score0.01215EPSS
Exploits0References3
Rows per page
Query Builder