Description OpenVPN Access Server before 2.11 uses a weak random generator used to create user session token for the web portal Remediation References CVE-2022-33738 Related Vulnerabilities OpenSSL Improper Input Validation Vulnerability (CVE-2017-3733) Jenkins Insufficient Session Expiration Vulnerability (CVE-2019-1003003) XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29527) WordPress Plugin FV Flowplayer Video Player Cross-Site Scripting (7.2.0.727) MySQL CVE-2019-2502 Vulnerability (CVE-2019-2502) Severity High Classification CVE-2022-33738 CWE-338 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Tags Missing Update Known Vulnerabilities