Openvpn Schwachstellen

Zeitverlauf

Typ

Network Encryption Software	18

Produkt

OpenVPN Access Server	11
OpenVPN Connect	4
OpenVPN Core Library	2
OpenVPN Private Tunnel Installer	1

Massnahmen

Official Fix	8
Temporary Fix	0
Workaround	0
Unavailable	1
Not Defined	9

Ausnutzbarkeit

High	0
Functional	0
Proof-of-Concept	0
Unproven	0
Not Defined	18

Zugriffsart

Not Defined	0
Physical	0
Local	2
Adjacent	3
Network	13

Authentisierung

Not Defined	0
High	0
Low	9
None	9

Benutzeraktivität

Not Defined	0
Required	2
None	16

C3BM Index

CVSSv3 Base

≤1	0
≤2	0
≤3	0
≤4	2
≤5	4
≤6	4
≤7	6
≤8	1
≤9	1
≤10	0

CVSSv3 Temp

≤1	0
≤2	0
≤3	0
≤4	2
≤5	4
≤6	4
≤7	6
≤8	1
≤9	1
≤10	0

VulDB

≤1	0
≤2	0
≤3	0
≤4	6
≤5	2
≤6	5
≤7	2
≤8	3
≤9	0
≤10	0

NVD

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	1
≤7	2
≤8	6
≤9	0
≤10	1

CNA

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Hersteller

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Exploit 0-day

<1k	7
<2k	8
<5k	3
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Exploit heute

<1k	18
<2k	0
<5k	0
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Exploitmarktvolumen

🔴 CTI Aktivitäten

Affected Products (4): Access Server (11), Connect (4), Core Library (2), Private Tunnel Installer (1)

Veröffentlicht	Base	Temp	Schwachstelle	Prod	Aus	Mas	EPSS	CTI	CVE
21.02.2024	3.5	3.5	OpenVPN Core Library PKCS#7 Parser Denial of Service	Network Encryption Software	Not Defined	Not Defined	0.00043	0.06	CVE-2023-6247
20.02.2024	5.3	5.3	OpenVPN Connect Node.js Framework Local Privilege Escalation	Network Encryption Software	Not Defined	Not Defined	0.00043	0.00	CVE-2023-7245
08.01.2024	6.5	6.5	OpenVPN Connect Environment Variable Local Privilege Escalation	Network Encryption Software	Not Defined	Not Defined	0.00042	0.04	CVE-2023-7224
17.10.2023	4.8	4.7	OpenVPN Connect Configuration Profile schwache Authentisierung	Network Encryption Software	Not Defined	Official Fix	0.00085	0.03	CVE-2022-3761
07.07.2022	5.6	5.5	OpenVPN Access Server Web Portal schwache Verschlüsselung	Network Encryption Software	Not Defined	Official Fix	0.00151	0.04	CVE-2022-33738
07.07.2022	5.5	5.5	OpenVPN Access Server Information Disclosure	Network Encryption Software	Not Defined	Not Defined	0.00150	0.00	CVE-2022-33737
07.07.2022	6.4	6.4	OpenVPN Access Server Denial of Service	Network Encryption Software	Not Defined	Not Defined	0.00089	0.00	CVE-2021-4234
24.09.2021	4.8	4.7	OpenVPN Access Server Web Login Page erweiterte Rechte	Network Encryption Software	Not Defined	Official Fix	0.00104	0.00	CVE-2021-3824
12.07.2021	3.7	3.6	OpenVPN Core Library Server Certificate schwache Authentisierung	Network Encryption Software	Not Defined	Official Fix	0.00087	0.00	CVE-2021-3547
03.07.2021	6.3	6.3	OpenVPN Connect OpenSSL Configuration File OpenVPNConnect.exe erweiterte Rechte	Network Encryption Software	Not Defined	Not Defined	0.00060	0.00	CVE-2021-3613

8 weitere Einträge werden nicht mehr angezeigt

🔒 Login Required

You need to signup and login to see more of the remaining 8 results.

◂ ZurückÜbersichtWeiter ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!