1 results (0.006 seconds)
CVSS: 7.4EPSS: 0%CPEs: 2EXPL: 0
CVSS: 7.4EPSS: 0%CPEs: 2EXPL: 0CVE-2021-3547
https://notcve.org/view.php?id=CVE-2021-3547
12 Jul 2021 — OpenVPN 3 Core Library version 3.6 and 3.6.1 allows a man-in-the-middle attacker to bypass the certificate authentication by issuing an unrelated server certificate using the same hostname found in the verify-x509-name option in a client configuration. OpenVPN 3 Core Library versiones 3.6 y 3.6.1, permiten a un atacante tipo "man-in-the-middle" omitir la autenticación de certificados al emitir un certificado de servidor no relacionado usando el mismo nombre de host encontrado en la opción verify-x509-name e... • https://community.openvpn.net/openvpn/wiki/CVE-2021-3547 • CWE-295: Improper Certificate Validation CWE-305: Authentication Bypass by Primary Weakness •