Cross-Site Request Forgery Vulnerability in OpenVPN Access Server
CVE-2013-2692

Currently unrated

Key Information:

Vendor

Openvpn
Status
Openvpn Access Server
Vendor
CVE Published:
13 May 2014

What is CVE-2013-2692?

The OpenVPN Access Server before version 1.8.5 is susceptible to a cross-site request forgery (CSRF) vulnerability. This allows remote attackers to exploit the Admin web interface, enabling them to hijack administrator authentication and execute unauthorized requests, such as creating new administrative users without consent. Organizations using affected versions of OpenVPN Access Server should be aware of this security risk and consider updating to mitigate potential threats.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/52802
third-party-advisoryx_refsource_SECUNIA
http://osvdb.org/93111
vdb-entryx_refsource_OSVDB
http://openvpn.net/index.php/access-server/download-openv...
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.