{"containers":{"cna":{"affected":[{"product":"OpenVPN Access Server","vendor":"n/a","versions":[{"status":"affected","version":"2.8.3 and prior versions in addition to 2.9.5"}]}],"descriptions":[{"lang":"en","value":"OpenVPN Access Server older than version 2.8.4 and version 2.9.5 generates new user authentication tokens instead of reusing exiting tokens on reconnect making it possible to circumvent the initial token expiry timestamp."}],"problemTypes":[{"descriptions":[{"cweId":"CWE-302","description":"CWE-302: Authentication Bypass by Assumed-Immutable Data","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2021-11-22T18:04:24.000Z","orgId":"36a55730-e66d-4d39-8ca6-3c3b3017965e","shortName":"OpenVPN"},"references":[{"tags":["x_refsource_MISC"],"url":"https://openvpn.net/vpn-server-resources/release-notes/"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"security@openvpn.net","ID":"CVE-2020-15074","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"OpenVPN Access Server","version":{"version_data":[{"version_value":"2.8.3 and prior versions in addition to 2.9.5"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"OpenVPN Access Server older than version 2.8.4 and version 2.9.5 generates new user authentication tokens instead of reusing exiting tokens on reconnect making it possible to circumvent the initial token expiry timestamp."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-302: Authentication Bypass by Assumed-Immutable Data"}]}]},"references":{"reference_data":[{"name":"https://openvpn.net/vpn-server-resources/release-notes/","refsource":"MISC","url":"https://openvpn.net/vpn-server-resources/release-notes/"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T13:08:21.889Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_MISC","x_transferred"],"url":"https://openvpn.net/vpn-server-resources/release-notes/"}]}]},"cveMetadata":{"assignerOrgId":"36a55730-e66d-4d39-8ca6-3c3b3017965e","assignerShortName":"OpenVPN","cveId":"CVE-2020-15074","datePublished":"2020-07-14T17:27:31.000Z","dateReserved":"2020-06-25T00:00:00.000Z","dateUpdated":"2024-08-04T13:08:21.889Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}