Description

OpenVPN Access Server 2.7.3 to 2.8.7 allows remote attackers to trigger an assert during the user authentication phase via incorrect authentication token data in an early phase of the user authentication resulting in a denial of service.

Remediation

References

CVE-2020-36382

Related Vulnerabilities

SugarCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-17784)

WordPress Plugin Listing, Classified Ads & Business Directory-uListing Cross-Site Request Forgery (2.0.8)

WordPress Plugin Email Before Download SQL Injection (6.7)

b2evolution Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-7150)

phpMyAdmin Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-5621)

Severity

High

Classification

CVE-2020-36382 CWE-754 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities