QwikSec

Security Database

CVE

CWE

Training

CVE-2020-15077

Published: Jun 4, 2021

Modified: Aug 4, 2024

PUBLISHED

Description

OpenVPN Access Server 2.8.7 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks.

Vendor	Product	Versions
n/a	OpenVPN Access Server	affected `2.8.7 and earlier versions`

Weaknesses (CWE)

References

https://openvpn.net/vpn-server-resources/release-notes/

x_refsource_MISC

https://openvpn.net/security-advisory/access-server-security-update-cve-2020-15077/

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.