Lucene search
K

2382 matches found

OSV
OSV
added 2022/03/18 6:15 p.m.1 views

UBUNTU-CVE-2022-0547

OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials...

9.8CVSS6.8AI score0.03519EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2022/03/18 6:15 p.m.37 views

CVE-2022-0547

OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials...

9.8CVSS6.8AI score0.03519EPSS
Exploits0References5
Prion
Prion
added 2022/03/18 6:15 p.m.22 views

Authentication flaw

OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials...

7.5CVSS9.4AI score0.03519EPSS
Exploits0References6Affected Software3
Cvelist
Cvelist
added 2022/03/18 6:0 p.m.21 views

CVE-2022-0547

OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials...

9.7AI score0.03519EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2022/03/18 6:0 p.m.2 views

CVE-2022-0547

OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials...

9.6AI score0.03519EPSS
Exploits0References6
CVE
CVE
added 2022/03/18 6:0 p.m.1098 views

CVE-2022-0547

OpenVPN 2.1–2.4.12 and 2.5.6 are affected by CVE-2022-0547, which enables authentication bypass when multiple external authentication plug-ins use deferred authentication replies, potentially granting access with partially correct credentials. The root cause involves how deferred responses from m...

9.8CVSS9.3AI score0.03519EPSS
Exploits0References7Affected Software1
Debian CVE
Debian CVE
added 2022/03/18 6:0 p.m.51 views

CVE-2022-0547

OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials...

9.8CVSS7.7AI score0.03519EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2022/03/18 6:0 p.m.32 views

CVE-2022-0547

OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials...

9.8CVSS9.7AI score0.03519EPSS
Exploits0
CNNVD
CNNVD
added 2022/03/18 12:0 a.m.2 views

OpenVPN 授权问题漏洞

OpenVPN is a software package for creating encrypted tunnels for virtual private networks VPNs from US-based OpenVPN, which uses the OpenSSL library to encrypt data and control information and allows created VPNs to be authenticated using public keys, electronic certificates, or...

9.8CVSS7.2AI score0.03519EPSS
Exploits0References12
NCSC
NCSC
added 2022/03/18 12:0 a.m.3 views

Vulnerability fixed in OpenVPN

A vulnerability has been fixed in OpenVPN. A malicious person who has a user's partial credentials can exploit the exploit the vulnerability to bypass authentication. Only systems that use multiple external authentication plug-ins are vulnerable. OpenVPN has released updates to fix the...

9.8CVSS7.1AI score0.03519EPSS
Exploits0
Fedora
Fedora
added 2022/03/17 3:49 p.m.30 views

[SECURITY] Fedora 35 Update: openvpn-2.5.6-1.fc35

OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single UDP or TCP port. It can use the Marcus Franz Xaver Johannes Oberhumers LZO library for...

9.8CVSS1.5AI score0.03519EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/03/17 12:0 a.m.46 views

FreeBSD : openvpn -- Potential authentication by-pass with multiple deferred authentication plug-ins (45a72180-a640-11ec-a08b-85298243e224)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 45a72180-a640-11ec-a08b-85298243e224 advisory. - OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication...

9.8CVSS7.3AI score0.03519EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2022/03/17 12:0 a.m.23 views

Fedora 35 : openvpn (2022-a9bd17092d)

The remote Fedora 35 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-a9bd17092d advisory. This is a maintenance release of OpenVPN 2.5 with a security fix when used in server mode CVE-2022-0547. The other changes are available in Changes.rst. NOTE...

9.8CVSS7.2AI score0.03519EPSS
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2022/03/15 5:58 a.m.2 views

Multiple vulnerabilities in pfSense

Overview pfSense software provided by Netgate contains multiple vulnerabilities listed below. Cross-site scripting CWE-79 - CVE-2021-20729 Improper access control CWE-284 - CVE-2022-26019 Improper input validation CWE-20 - CVE-2022-24299 Yutaka WATANABE of Ierae Security Inc. reported these...

9CVSS7.3AI score0.04229EPSS
Exploits0References15
CNNVD
CNNVD
added 2022/03/15 12:0 a.m.3 views

Netgate pfSense CE 输入验证错误漏洞

Netgate pfSense CE is a free and open source FreeBSD-based firewall and router software. An input validation error vulnerability exists in Netgate pfSense CE, which could allow an attacker who has the power to change the settings of an OpenVPN client or server to execute arbitrary commands...

8.8CVSS7.7AI score0.01857EPSS
Exploits0References5
FreeBSD
FreeBSD
added 2022/03/10 12:0 a.m.35 views

openvpn -- Potential authentication by-pass with multiple deferred authentication plug-ins

David Sommerseth reports: OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials...

9.8CVSS4.1AI score0.03519EPSS
Exploits0References2
NVD
NVD
added 2022/02/16 7:15 p.m.24 views

CVE-2021-3773

A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint information for further use in traditional network attacks...

9.8CVSS0.05322EPSS
Exploits1References4
OSV
OSV
added 2022/02/16 7:15 p.m.42 views

CVE-2021-3773

A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint information for further use in traditional network attacks...

9.8CVSS6.2AI score0.05322EPSS
Exploits1References4
Prion
Prion
added 2022/02/16 7:15 p.m.28 views

Design/Logic Flaw

A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint information for further use in traditional network attacks...

7.5CVSS8.9AI score0.05322EPSS
Exploits1References2Affected Software6
UbuntuCve
UbuntuCve
added 2022/02/16 7:15 p.m.102 views

CVE-2021-3773

A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint information for further use in traditional network attacks...

9.8CVSS6.8AI score0.05322EPSS
Exploits1References6
Rows per page
Query Builder