CVE-2022-33737

Summary

The OpenVPN Access Server installer creates a log file readable for everyone, which from version 2.10.0 and before 2.11.0 may contain a random generated admin password

Affected Software

VendorProductVersion RangeStatus
n/aOpenVPN Access Serverfrom version 2.10.0 and before 2.11.0affected

Weaknesses

  • CWE-708: CWE-708: Incorrect Ownership Assignment

ADP Enrichment

CVE Program Container

Additional References

References