Security Advisory

CVE-2021-3547

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-07-12 10:35:52

Last updated 2024-08-03 17:01:06

Assigner OpenVPN

State PUBLISHED

Description

OpenVPN 3 Core Library version 3.6 and 3.6.1 allows a man-in-the-middle attacker to bypass the certificate authentication by issuing an unrelated server certificate using the same hostname found in the verify-x509-name option in a client configuration.

← Browse all CVEs View on cve.org ↗