Description
OpenVPN Access Server 2.8.7 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks.
Remediation
References
Related Vulnerabilities
PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-15132)
ReviveAdserver Other Vulnerability (CVE-2014-8875)
Joomla Session Fixation Vulnerability (CVE-2010-1434)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2356)
WordPress Plugin ThreeWP Email Reflector 'Subject' Field Cross-Site Scripting (1.15)