Vulnerability identifier: #VU380
Vulnerability risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-284
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
OpenVPN
Server applications /
Remote access servers, VPN
Vendor: openvpn.net
Description
The vulnerability allows attackers to gain access to potentially sensitive information.
The vulnerability exists due to capturing of long duration Blowfish CBC mode encrypted TLS session. Repeated sending of communication protocol with parts of the plaintext helps attackers to reconstruct the secret information.
Successful exploitation of this vulnerability may allow a remote attacker to access potentially sensitive data.
Mitigation
The vendor plans to issue a new version 2.3.12.
Vulnerable software versions
OpenVPN: 2.0 - 2.0.10, 2.1 - 2.1.28.0, 2.3.0 - 2.3.5, 2.2 - 2.2.2, 1.3.0 - 1.3.2, 1.4.0 - 1.4.3, 1.2.0 - 1.2.1, 1.6.0, 1.5.0
External links
http:openvpn.net/
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.