Vulnerabilities > CVE-2020-36382 - Reachable Assertion vulnerability in Openvpn Access Server
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
OpenVPN Access Server 2.7.3 to 2.8.7 allows remote attackers to trigger an assert during the user authentication phase via incorrect authentication token data in an early phase of the user authentication resulting in a denial of service.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
References
- https://openvpn.net/security-advisory/access-server-security-update-cve-2020-15077-cve-2020-36382/
- https://openvpn.net/security-advisory/access-server-security-update-cve-2020-15077-cve-2020-36382/
- https://openvpn.net/vpn-server-resources/release-notes/
- https://openvpn.net/vpn-server-resources/release-notes/