CVE-2020-15074

OpenVPN Access Server older than version 2.8.4 and version 2.9.5 generates new user authentication tokens instead of reusing exiting tokens on reconnect making it possible to circumvent the initial token expiry timestamp.
References
Link Resource
https://openvpn.net/vpn-server-resources/release-notes/ Release Notes Vendor Advisory
Configurations

Configuration 1

cpe:2.3:a:openvpn:openvpn_access_server:*:*:*:*:*:*:*:*
cpe:2.3:a:openvpn:openvpn_access_server:*:*:*:*:*:*:*:*

Information

Published : 2020-07-14 06:15

Updated : 2021-11-23 10:25


NVD link : CVE-2020-15074

Mitre link : CVE-2020-15074

Products Affected
No products.
CWE