Unrated severityNVD Advisory· Published Jul 12, 2021· Updated Aug 3, 2024
CVE-2021-3547
CVE-2021-3547
Description
OpenVPN 3 Core Library version 3.6 and 3.6.1 allows a man-in-the-middle attacker to bypass the certificate authentication by issuing an unrelated server certificate using the same hostname found in the verify-x509-name option in a client configuration.
Affected products
2- OpenVPN/OpenVPN 3 Core Librarydescription
Patches
Vulnerability mechanics
References
2- community.openvpn.net/openvpn/wiki/CVE-2021-3547mitrex_refsource_MISC
- community.openvpn.net/openvpn/wiki/SecurityAnnouncementsmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.