WEB APPLICATION VULNERABILITIES Standard & Premium

OpenVPN AS Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) Vulnerability (CVE-2022-33738)

Description

OpenVPN Access Server before 2.11 uses a weak random generator used to create user session token for the web portal

Remediation

References

Related Vulnerabilities

WordPress Plugin 3DPrint Lite Arbitrary File Upload (1.9.1.4)

WordPress Plugin HT Slider Range for Amazon affiliates Cross-Site Scripting (1.1.5)

WordPress Plugin UpiCRM-Free WordPress CRM and Lead Management Information Disclosure (2.1.8.5)

WordPress Plugin RSS Aggregator by Feedzy-Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator SQL Injection (4.4.2)

WordPress Plugin Fast Velocity Minify Information Disclosure (2.7.6)

Severity

High

Classification

CVE-2022-33738 CWE-338 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities