OpenVPN Access Server 2.10 and prior versions are susceptible to resending multiple packets in a response to a reset packet sent from the client which the client again does not respond to, resulting in a limited amplification attack.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HOpenvpn Access Server
APPOpenvpn< 2.11.0
Related vulnerabilities
Use after free in OpenVPN version 2.6.0 to 2.6.6 may lead to undefined behavoir, leaking memory buffers or rem...
OpenVPN Access Server 2.8.x before 2.8.1 allows LDAP authentication bypass (except when a user is enrolled in ...
Using the --fragment option in certain configuration setups OpenVPN version 2.6.0 to 2.6.6 allows an attacker ...
OpenVPN Access Server before 2.11 uses a weak random generator used to create user session token for the web p...
The OpenVPN Access Server installer creates a log file readable for everyone, which from version 2.10.0 and be...