First published: Fri Mar 18 2022(Updated: )
Last updated 24 July 2024
Credit: security@openvpn.net security@openvpn.net
Affected Software | Affected Version | How to fix |
---|---|---|
Openvpn Openvpn | >=2.1.0<2.4.12 | |
Openvpn Openvpn | >=2.5.0<2.5.6 | |
Fedoraproject Fedora | =34 | |
Fedoraproject Fedora | =36 | |
Debian Debian Linux | =9.0 | |
debian/openvpn | <=2.5.1-3 | 2.6.3-1+deb12u2 2.6.12-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2022-0547 is critical.
CVE-2022-0547 enables authentication bypass in OpenVPN plug-ins, allowing external users to gain access with partially correct credentials.
OpenVPN versions 2.1 until v2.4.12 and v2.5.6 are affected by CVE-2022-0547.
Update OpenVPN to a version newer than v2.4.12 or v2.5.6 to fix CVE-2022-0547.
For more information about CVE-2022-0547, you can refer to the OpenVPN community website and the Debian security announcements.