What the vulnerability does

01Description

OpenVPN Access Server before 2.11 uses a weak random generator used to create user session token for the web portal

Key dates

02Disclosure timeline

July 6, 2022 CVE published
August 3, 2024 Record updated