Vulnerability in Openvpn Access Server

CVE-2022-33737

The OpenVPN Access Server installer creates a log file readable for everyone, which from version 2.10.0 and before 2.11.0 may contain a random generated admin password

EPSS: 0.003 (57.2th percentile) — read the EPSS interpretation.

Affected products

N/a Openvpn Access Server — versions from version 2.10.0 and before 2.11.0

Weakness classification (CWE)

CWE-708

References

openvpn.net/vpn-server-resources/release-notes/ (x_refsource_MISC)