GCVE - cpe:2.3:a:n/a:openvpn_access_server:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:n/a:openvpn_access_server:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	N/A (`22f567d3-1203-528c-8f0e-3eb9c2f6ca78`)
Product	Openvpn Access Server (`e2ab22c7-697b-5fc8-adad-833fda506c7e`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2022-33738`	vulnerable	2026-06-08 05:44:51.199161	Details available OpenVPN Access Server before 2.11 uses a weak random generator used to create user session token for the web portal Published: 2022-07-06T15:10:33.000Z Updated: 2024-08-03T08:09:22.611Z Open on db.gcve.eu Reference links https://openvpn.net/vpn-server-resources/release-notes/#openvpn-access-server-2-11-0	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-33737`	vulnerable	2026-06-08 05:44:51.197981	Details available The OpenVPN Access Server installer creates a log file readable for everyone, which from version 2.10.0 and before 2.11.0 may contain a random generated admin password Published: 2022-07-06T15:09:08.000Z Updated: 2024-08-03T08:09:22.660Z Open on db.gcve.eu Reference links https://openvpn.net/vpn-server-resources/release-notes/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-4234`	vulnerable	2026-06-08 05:38:08.992878	Details available OpenVPN Access Server 2.10 and prior versions are susceptible to resending multiple packets in a response to a reset packet sent from the client which the client again does not respond to, resulting in a limited amplification attack. Published: 2022-07-06T19:10:17.000Z Updated: 2024-08-03T17:23:09.056Z Open on db.gcve.eu Reference links https://openvpn.net/vpn-server-resources/release-notes/#openvpn-access-server-2-11-0	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-3824`	vulnerable	2026-06-08 05:33:54.381935	Details available OpenVPN Access Server 2.9.0 through 2.9.4 allow remote attackers to inject arbitrary web script or HTML via the web login page URL. Published: 2021-09-23T14:53:51.000Z Updated: 2024-08-03T17:09:09.578Z Open on db.gcve.eu Reference links https://openvpn.net/vpn-server-resources/release-notes/#openvpn-access-server-2-9-5	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-36382`	vulnerable	2026-06-08 05:25:02.998207	Details available OpenVPN Access Server 2.7.3 to 2.8.7 allows remote attackers to trigger an assert during the user authentication phase via incorrect authentication token data in an early phase of the user authentication resulting in a denial of service. Published: 2021-06-04T10:47:15.000Z Updated: 2024-08-04T17:23:10.453Z Open on db.gcve.eu Reference links https://openvpn.net/vpn-server-resources/release-notes/ https://openvpn.net/security-advisory/access-server-security-update-cve-2020-15077-cve-2020-36382/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-15077`	vulnerable	2026-06-08 05:19:25.215121	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-15074`	vulnerable	2026-06-08 05:19:25.209740	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.