Lucene search
K

2382 matches found

OSV
OSV
added 2021/06/04 11:15 a.m.4 views

CVE-2020-15077

OpenVPN Access Server 2.8.7 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks...

5.3CVSS6.6AI score0.01215EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2021/06/04 11:15 a.m.3 views

CVE-2020-15077

OpenVPN Access Server 2.8.7 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks...

5.3CVSS6.2AI score0.01215EPSS
Exploits0References3
Prion
Prion
added 2021/06/04 11:15 a.m.11 views

Authentication flaw

OpenVPN Access Server 2.8.7 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks...

3.5CVSS5.4AI score0.01215EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2021/06/04 11:15 a.m.14 views

Authentication flaw

OpenVPN Access Server 2.7.3 to 2.8.7 allows remote attackers to trigger an assert during the user authentication phase via incorrect authentication token data in an early phase of the user authentication resulting in a denial of service...

5CVSS7.6AI score0.01891EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/06/04 10:47 a.m.15 views

CVE-2020-36382

OpenVPN Access Server 2.7.3 to 2.8.7 allows remote attackers to trigger an assert during the user authentication phase via incorrect authentication token data in an early phase of the user authentication resulting in a denial of service...

7.6AI score0.01891EPSS
Exploits0References2
CVE
CVE
added 2021/06/04 10:47 a.m.68 views

CVE-2020-36382

OpenVPN Access Server versions 2.7.3 through 2.8.7 are affected by CVE-2020-36382. The issue is a failure during the user authentication phase where incorrect authentication token data can trigger an assert, leading to a denial of service. This vulnerability is documented by SUSE security advisor...

7.5CVSS7.5AI score0.01891EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/06/04 10:42 a.m.25 views

CVE-2020-15077

OpenVPN Access Server 2.8.7 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks...

5.4AI score0.01215EPSS
Exploits0References2
CVE
CVE
added 2021/06/04 10:42 a.m.56 views

CVE-2020-15077

OpenVPN Access Server CVE-2020-15077 affects OpenVPN Access Server 2.8.7 and earlier. The vulnerability allows remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, potentially enabling information leaks. The connected docume...

5.3CVSS5.4AI score0.01215EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2021/06/04 12:0 a.m.5 views

PT-2021-9735 · Openvpn · Openvpn Access Server

Name of the Vulnerable Software and Affected Versions: OpenVPN Access Server versions 2.8.7 and earlier Description: The issue allows remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication. This can potentially be used to trigg...

5.3CVSS5.4AI score0.01215EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/06/04 12:0 a.m.5 views

OpenVPN 代码问题漏洞

Openvpn OpenVPN is a software package for creating virtual private network VPN encrypted tunnels from the US-based OpenVPN Openvpn, which uses the OpenSSL library to encrypt data and control information, and allows created VPNs to be authenticated using a public key, an e-certificate, or a...

7.5CVSS6.6AI score0.01891EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2021/06/04 12:0 a.m.4 views

PT-2021-12032 · Openvpn · Openvpn Access Server

Name of the Vulnerable Software and Affected Versions: OpenVPN Access Server versions 2.7.3 through 2.8.7 Description: The issue allows remote attackers to trigger an assert during the user authentication phase. This occurs when incorrect authentication token data is provided in an early phase of...

7.5CVSS6AI score0.01891EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/06/04 12:0 a.m.5 views

OpenVPN 授权问题漏洞

Openvpn OpenVPN is a software package for creating virtual private network VPN encrypted channels from the US-based OpenVPN Openvpn, which uses the OpenSSL library to encrypt data and control information and allows the created VPN to be authenticated using a public key, an electronic certificate,...

5.3CVSS6.6AI score0.01215EPSS
Exploits0References2
CNVD
CNVD
added 2021/06/03 12:0 a.m.6 views

OpenVPN has an unspecified vulnerability

Openvpn OpenVPN is a software package from the American company OpenVPN Openvpn for creating encrypted tunnels for Virtual Private Networks VPNs, which uses the OpenSSL library to encrypt data and control information, and allows created VPNs to be authenticated using a public key, an e-certificat...

7.8CVSS6.6AI score0.00358EPSS
Exploits0References1
Gentoo Linux
Gentoo Linux
added 2021/05/26 12:0 a.m.133 views

OpenVPN: Authentication bypass

Background OpenVPN is a multi-platform, full-featured SSL VPN solution. Description It was discovered that OpenVPN incorrectly handled deferred authentication. Impact A remote attacker could bypass authentication and access control channel data and trigger further information leaks. Workaround...

7.5CVSS2.4AI score0.05107EPSS
Exploits0
CNNVD
CNNVD
added 2021/05/26 12:0 a.m.5 views

OpenVPN 后置链接漏洞

Openvpn OpenVPN is a software package from the American company OpenVPN Openvpn for creating encrypted tunnels for Virtual Private Networks VPNs, which uses the OpenSSL library to encrypt data and control information, and allows created VPNs to be authenticated using a public key, an e-certificat...

7.8CVSS5.7AI score0.00358EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2021/05/18 12:0 a.m.32 views

openSUSE Security Update : openvpn (openSUSE-2021-734)

This update for openvpn fixes the following issues : - CVE-2020-15078: Fixed authentication bypass with deferred authentication bsc1185279. - CVE-2020-11810: Fixed race condition between allocating peer-id and initializing data channel key bsc1169925. - CVE-2018-7544: Fixed cross-protocol scripti...

9.1CVSS6.4AI score0.05107EPSS
Exploits2References6
OpenVAS
OpenVAS
added 2021/05/17 12:0 a.m.30 views

openSUSE: Security Advisory for openvpn (openSUSE-SU-2021:0734-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.1CVSS6.6AI score0.05107EPSS
Exploits2References2
OSV
OSV
added 2021/05/15 4:4 p.m.6 views

OPENSUSE-SU-2021:0734-1 Security update for openvpn

This update for openvpn fixes the following issues: - CVE-2020-15078: Fixed authentication bypass with deferred authentication bsc1185279. - CVE-2020-11810: Fixed race condition between allocating peer-id and initializing data channel key bsc1169925. - CVE-2018-7544: Fixed cross-protocol scriptin...

9.1CVSS6.2AI score0.05107EPSS
Exploits2References7
OPENSUSE Linux
OPENSUSE Linux
added 2021/05/15 12:0 a.m.45 views

Security update for openvpn (moderate)

openSUSE Security Update: Security update for openvpn Announcement ID: openSUSE-SU-2021:0734-1 Rating: moderate References: 1085803 1169925 1185279 Cross-References: CVE-2018-7544 CVE-2020-11810 CVE-2020-15078 CVSS scores: CVE-2018-7544 NVD : 9.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H...

5.3CVSS7.4AI score0.05107EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2021/05/13 12:0 a.m.39 views

SUSE SLED15 / SLES15 Security Update : openvpn (SUSE-SU-2021:1577-1)

This update for openvpn fixes the following issues : CVE-2020-15078: Fixed authentication bypass with deferred authentication bsc1185279. CVE-2020-11810: Fixed race condition between allocating peer-id and initializing data channel key bsc1169925. CVE-2018-7544: Fixed cross-protocol scripting iss...

9.1CVSS6.4AI score0.05107EPSS
Exploits2References10
Rows per page
Query Builder