CVE-2020-36382
N/A
N/A
Summary
OpenVPN Access Server 2.7.3 to 2.8.7 allows remote attackers to trigger an assert during the user authentication phase via incorrect authentication token data in an early phase of the user authentication resulting in a denial of service.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | OpenVPN Access Server | 2.7.3 to 2.8.7 | affected |
Weaknesses
- CWE-754: CWE-754: Improper Check for Unusual or Exceptional Conditions
ADP Enrichment
CVE Program Container
Additional References
- https://openvpn.net/vpn-server-resources/release-notes/
- https://openvpn.net/security-advisory/access-server-security-update-cve-2020-15077-cve-2020-36382/
References
- https://openvpn.net/vpn-server-resources/release-notes/
- https://openvpn.net/security-advisory/access-server-security-update-cve-2020-15077-cve-2020-36382/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.