Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2021/05/18 12:0 a.m.32 views

openSUSE Security Update : openvpn (openSUSE-2021-734)

This update for openvpn fixes the following issues : - CVE-2020-15078: Fixed authentication bypass with deferred authentication bsc1185279. - CVE-2020-11810: Fixed race condition between allocating peer-id and initializing data channel key bsc1169925. - CVE-2018-7544: Fixed cross-protocol scripti...

9.1CVSS6.4AI score0.05107EPSS
Exploits2References6
Tenable Nessus
Tenable Nessus
added 2021/05/13 12:0 a.m.39 views

SUSE SLED15 / SLES15 Security Update : openvpn (SUSE-SU-2021:1577-1)

This update for openvpn fixes the following issues : CVE-2020-15078: Fixed authentication bypass with deferred authentication bsc1185279. CVE-2020-11810: Fixed race condition between allocating peer-id and initializing data channel key bsc1169925. CVE-2018-7544: Fixed cross-protocol scripting iss...

9.1CVSS6.4AI score0.05107EPSS
Exploits2References10
Tenable Nessus
Tenable Nessus
added 2021/05/13 12:0 a.m.41 views

SUSE SLES12 Security Update : openvpn (SUSE-SU-2021:1576-1)

This update for openvpn fixes the following issues : CVE-2020-15078: Fixed authentication bypass with deferred authentication bsc1185279. CVE-2018-7544: Fixed cross-protocol scripting issue that was discovered in the management interface bsc1085803. Note that Tenable Network Security has extracte...

9.1CVSS7.1AI score0.05107EPSS
Exploits1References7
OSV
OSV
added 2021/05/12 10:6 a.m.8 views

SUSE-SU-2021:1576-1 Security update for openvpn

This update for openvpn fixes the following issues: - CVE-2020-15078: Fixed authentication bypass with deferred authentication bsc1185279. - CVE-2018-7544: Fixed cross-protocol scripting issue that was discovered in the management interface bsc1085803...

9.1CVSS8.4AI score0.05107EPSS
Exploits1References5
OSV
OSV
added 2021/05/12 10:5 a.m.8 views

SUSE-SU-2021:14723-1 Security update for openvpn-openssl1

This update for openvpn-openssl1 fixes the following issues: - CVE-2020-15078: Fixed authentication bypass with deferred authentication bsc1185279. - CVE-2018-7544: Fixed cross-protocol scripting issue that was discovered in the management interface bsc1085803...

9.1CVSS8.4AI score0.05107EPSS
Exploits1References5
OSV
OSV
added 2018/03/16 3:29 p.m.8 views

CVE-2018-7544

A cross-protocol scripting issue was discovered in the management interface in OpenVPN through 2.4.5. When this interface is enabled over TCP without a password, and when no other clients are connected to this interface, attackers can execute arbitrary management commands, obtain sensitive...

9.1CVSS9.5AI score
Exploits0References1
CVE
CVE
added 2018/03/16 3:0 p.m.158 views

CVE-2018-7544

CVE-2018-7544 affects OpenVPN up to 2.4.5 where the management interface, if exposed over TCP without authentication and no clients connected, allows cross-protocol scripting via XMLHttpRequest to localhost:23000. An attacker can issue arbitrary management commands, exfiltrate data, or trigger a ...

9.1CVSS7.9AI score0.01899EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder