What the vulnerability does

01Description

OpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks.

Key dates

02Disclosure timeline

April 26, 2021 CVE published
August 4, 2024 Record updated