Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.4
CVSSv3

CVE-2021-3547

Published: 12/07/2021 Updated: 27/10/2022
CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 7.4 | Impact Score: 5.2 | Exploitability Score: 2.2
VMScore: 517
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N
Subscribe to Openvpn

Vulnerability Summary

OpenVPN 3 Core Library version 3.6 and 3.6.1 allows a man-in-the-middle malicious user to bypass the certificate authentication by issuing an unrelated server certificate using the same hostname found in the verify-x509-name option in a client configuration.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

openvpn openvpn 3.6

openvpn openvpn 3.6.1

References

CWE-295https://community.openvpn.net/openvpn/wiki/SecurityAnnouncementshttps://community.openvpn.net/openvpn/wiki/CVE-2021-3547https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028CVE-2024-32406CVE-2024-25624IMAPCVE-2024-2310CVE-2024-0874CVE-2024-20359XXEremote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook