Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2020-11462

Published: 04/05/2020 Updated: 12/05/2020
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Subscribe to Openvpn

Vulnerability Summary

An issue exists in OpenVPN Access Server prior to 2.7.0 and 2.8.x prior to 2.8.3. With the full featured RPC2 interface enabled, it is possible to achieve a temporary DoS state of the management interface when sending an XML Entity Expansion (XEE) payload to the XMLRPC based RPC2 interface. The duration of the DoS state depends on available memory and CPU speed. The default restricted mode of the RPC2 interface is NOT vulnerable.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

openvpn openvpn access server

References

CWE-776https://openvpn.net/vpn-server-resources/release-notes/#Release_notes_for_OpenVPN_Access_Server_283https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
IMAPCVE-2024-4367server-side request forgeryinformation disclosureCVE-2024-34342CVE-2024-4281CVE-2024-3507CVE-2024-25560CVE-2024-34574
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook