Description

OpenVPN Access Server 2.7.3 to 2.8.7 allows remote attackers to trigger an assert during the user authentication phase via incorrect authentication token data in an early phase of the user authentication resulting in a denial of service.

Remediation

References

CVE-2020-36382

Related Vulnerabilities

Atlassian Confluence Improper Control of Dynamically-Managed Code Resources Vulnerability (CVE-2019-15006)

WordPress Plugin Question and Answer Forum 'title' Variable Cross-Site Scripting (1.2.4)

Apache HTTP Server CVE-2013-6438 Vulnerability (CVE-2013-6438)

Oracle Database Server CVE-2015-4888 Vulnerability (CVE-2015-4888)

WordPress Plugin Store Locator Plus for WordPress Cross-Site Scripting (5.5.15)

Severity

High

Classification

CVE-2020-36382 CWE-754 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities