Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2017-7522

UNKNOWN
Published 2017-06-27T13:00:00
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2017-7522. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service by authenticated remote attacker via sending a certificate with an embedded NULL character.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

OpenVPN Technologies, Inc

OpenVPN

Affected Versions:

before 2.4.3 before 2.3.17

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed MODERATE

GHSA-c6pr-p5hf-w49p

Advisory Details

OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service by authenticated remote attacker via sending a certificate with an embedded NULL character.

CVSS Scoring

CVSS Score

5.0

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2017-7522
WEB https://community.openvpn.net/openvpn/wiki/VulnerabilitiesFixedInOpenVPN243
WEB http://www.securityfocus.com/bid/99230
WEB http://www.securitytracker.com/id/1038768

Advisory provided by GitHub Security Advisory Database. Published: May 17, 2022, Modified: May 17, 2022

References

https://community.openvpn.net/openvpn/wiki/VulnerabilitiesFixedInOpenVPN243
http://www.securitytracker.com/id/1038768
http://www.securityfocus.com/bid/99230

HackerOne Reports

4 severe remote + several minor OpenVPN vulnerabilities High
guido
Internet Bug Bounty
View Report
Published: 2017-06-27T13:00:00
Last Modified: 2024-08-05T16:04:11.857Z
Copied to clipboard!