Unrated severityNVD Advisory· Published Jul 8, 2024· Updated Nov 1, 2024
CVE-2024-28882
CVE-2024-28882
Description
OpenVPN from 2.6.0 through 2.6.10 in a server role accepts multiple exit notifications from authenticated clients which will extend the validity of a closing session
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
7- osv-coords5 versionspkg:rpm/opensuse/openvpn&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/openvpn&distro=openSUSE%20Tumbleweedpkg:rpm/suse/openvpn&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6pkg:rpm/suse/openvpn&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/openvpn&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5
< 2.6.8-150600.3.3.1+ 4 more
- (no CPE)range: < 2.6.8-150600.3.3.1
- (no CPE)range: < 2.6.10-2.1
- (no CPE)range: < 2.6.8-150600.3.3.1
- (no CPE)range: < 2.3.8-16.32.1
- (no CPE)range: < 2.3.8-16.32.1
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.