First published: Wed Jul 06 2022(Updated: )
The OpenVPN Access Server installer creates a log file readable for everyone, which from version 2.10.0 and before 2.11.0 may contain a random generated admin password
Credit: security@openvpn.net security@openvpn.net
Affected Software | Affected Version | How to fix |
---|---|---|
Openvpn Openvpn Access Server | >=2.10.0<2.11.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this vulnerability is CVE-2022-33737.
The severity of CVE-2022-33737 is high.
The OpenVPN Access Server installer creates a log file readable for everyone, which may contain a random generated admin password.
Versions 2.10.0 and previous versions before 2.11.0 of the OpenVPN Access Server are affected.
To fix CVE-2022-33737, it is recommended to update to version 2.11.0 or later of the OpenVPN Access Server.