CVE-2020-15078

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions OpenVPN versions 2.5.1 and earlier

Description The issue allows a remote attacker to bypass authentication and access control channel data on servers configured with deferred authentication. This can potentially be used to trigger further information leaks. The vulnerability is related to the deferred authentication function, which can be exploited to force the server to return a PUSH REPLY message with VPN settings before sending an AUTH FAILED message.

Recommendations For OpenVPN versions 2.5.1 and earlier, update to version 2.5.2 to fix the security vulnerabilities. As a temporary workaround, consider disabling the deferred authentication feature until a patch is available. Restrict access to the control channel to minimize the risk of exploitation. Avoid using the --auth-gen-token option or user-specific token auth solutions in combination with deferred authentication until the issue is resolved.

Fix

Missing Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-306CWE-305

Related Identifiers

ALT-PU-2021-2120

ALT-PU-2022-1576

ALT-PU-2022-2690

ALT-PU-2024-14147

ALT-PU-2024-14550

ALT-PU-2024-14578

BDU:2021-02221

CVE-2020-15078

DLA-2992-1

MGASA-2021-0302

OESA-2021-1197

OPENSUSE-SU-2021:0734-1

OPENSUSE-SU-2021_0734-1

OPENSUSE-SU-2024:11128-1

SUSE-SU-2021:14723-1

SUSE-SU-2021:1576-1

SUSE-SU-2021:1577-1

SUSE-SU-2021_14723-1

USN-4933-1

Affected Products

Alt Linux

Astra Linux

Linuxmint

Openvpn

Suse

Ubuntu

CVE-2020-15078

Weakness Enumeration

Related Identifiers

Affected Products

References · 63