CVE-2020-15074: OpenVPN vulnerability

Share this with people that should know this:

OpenVPN Access Server older than version 2.8.4 generates new user authentication tokens instead of reusing exiting tokens on reconnect making it possible to circumvent the initial token expiry timestamp.

References

  • openvpn.net/vpn-server-resources/release-notes/
  • openvpn.net/vpn-server-resources/release-notes/
  • Share this with people that should know this: