CVE-2017-7522

OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service by authenticated remote attacker via sending a…

redhat·CWE-20·Published 2017-06-27

CVSS

—

EPSS

0.06

KEV

Exploits

cve.orgen

175 chars

OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service by authenticated remote attacker via sending a certificate with an embedded NULL character.

NVDen

175 chars

OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service by authenticated remote attacker via sending a certificate with an embedded NULL character.

NVDes

210 chars

Las versiones de OpenVPN anteriores a 2.4.3 y 2.3.17, son vulnerables a una denegación de servicio por parte de un atacante remoto autenticado mediante el envío de un certificado con un carácter NULL insertado.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	4.0	8.0	2.9	AV:N/AC:L/Au:S/C:N/I:N/A:P
3.0	Primary	NVD	6.5	2.8	3.6	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H