Vulnerability in Openvpn Access Server
CVE-2021-4234
OpenVPN Access Server 2.10 and prior versions are susceptible to resending multiple packets in a response to a reset packet sent from the client which the client again does not respond to, resulting in a limited amplification attack.
EPSS: 0.004 (60.3th percentile) — read the EPSS interpretation.
Affected products
- N/a Openvpn Access Server — versions 2.10 and prior version
Weakness classification (CWE)
References
- openvpn.net/vpn-server-resources/release-notes/ (x_refsource_MISC)