OpenVPN Access Server older than version 2.8.4 generates... · CVE-2020-15074 · GitHub Advisory Database · GitHub

OpenVPN Access Server older than version 2.8.4 generates...

Moderate severity Unreviewed Published May 24, 2022 to the GitHub Advisory Database • Updated Jan 29, 2023

Package

No package listed— Suggest a package

Affected versions

Unknown

Patched versions

Unknown

Description

OpenVPN Access Server older than version 2.8.4 generates new user authentication tokens instead of reusing exiting tokens on reconnect making it possible to circumvent the initial token expiry timestamp.

References

Published by the National Vulnerability Database

Jul 14, 2020

Published to the GitHub Advisory Database May 24, 2022

Last updated Jan 29, 2023