The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
An issue was discovered in OpenVPN 2.4.x before 2.4.9. An attacker can inject a data channel v2 (P_DATA_V2) packet using a victim's peer-id. Normally such packets are dropped, but if this packet arrives before the data channel crypto parameters have been initialized, the victim's connection will be dropped. This requires careful timing due to the small time window (usually within a few seconds) between the victim client connection starting and the server PUSH_REPLY response back to the client. This attack will only work if Negotiable Cipher Parameters (NCP) is in use.
Base Score: 4.3
Impact Score: 2.9
Exploitability Score: 8.6
Base Score: 3.7
Impact Score: 1.4
Exploitability Score: 2.2
|149641||openSUSE Security Update : openvpn (openSUSE-2021-734)||Nessus||SuSE Local Security Checks|
|149458||SUSE SLED15 / SLES15 Security Update : openvpn (SUSE-SU-2021:1577-1)||Nessus||SuSE Local Security Checks|
|149252||Ubuntu 18.04 LTS / 20.04 LTS / 20.10 / 21.04 : OpenVPN vulnerabilities (USN-4933-1)||Nessus||Ubuntu Local Security Checks|
|139090||Amazon Linux AMI : openvpn (ALAS-2020-1410)||Nessus||Amazon Linux Local Security Checks|
|136297||Fedora 30 : openvpn (2020-969414e05b)||Nessus||Fedora Local Security Checks|
|136000||Fedora 31 : openvpn (2020-e56f2deb30)||Nessus||Fedora Local Security Checks|
|135717||Slackware 14.0 / 14.1 / 14.2 / current : openvpn (SSA:2020-107-01)||Nessus||Slackware Local Security Checks|
|135714||FreeBSD : openvpn -- illegal client float can break VPN session for other users (8604121c-7fc2-11ea-bcac-7781e90b0c8f)||Nessus||FreeBSD Local Security Checks|