OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openvpn openvpn |
||
fedoraproject fedora 34 |
||
fedoraproject fedora 36 |
||
debian debian linux 9.0 |