CVE-2022-33738

Summary

OpenVPN Access Server before 2.11 uses a weak random generator used to create user session token for the web portal

Affected Software

VendorProductVersion RangeStatus
n/aOpenVPN Access Serveruntil 2.11affected

Weaknesses

  • CWE-331: CWE-331: Insufficient Entropy

ADP Enrichment

CVE Program Container

Additional References

References