Description

OpenVPN Access Server 2.7.3 to 2.8.7 allows remote attackers to trigger an assert during the user authentication phase via incorrect authentication token data in an early phase of the user authentication resulting in a denial of service.

Remediation

References

CVE-2020-36382

Related Vulnerabilities

MediaWiki Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2021-41799)

MODX Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2016-10039)

Oracle Database Server CVE-2019-2753 Vulnerability (CVE-2019-2753)

WordPress Plugin Related Sites 'guid' Parameter SQL Injection (2.1)

TYPO3 Other Vulnerability (CVE-2006-6690)

Severity

High

Classification

CVE-2020-36382 CWE-754 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities