DEBIAN-CVE-2020-15078

DEBIAN-CVE-2020-15078 PUBLISHED CVSS 7.5 HIGH

OpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks.

Risk Scores

CVSS v3.1

7.5

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected Products

Vendor	Product	Versions
Debian:14	openvpn	0, 0, 0
Debian:11	openvpn	0, 0, 0
Debian:13	openvpn	0, 0, 0
Debian:12	openvpn	0, 0, 0

Timeline

Apr 26, 2021 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2020-15078 advisory

Open in Interactive Console →