CVE-2013-2692

Currently unrated

Key Information:

Vendor: Openvpn
Status: Openvpn Access Server
Vendor: CVE Published:; 13 May 2014

Summary

Cross-site request forgery (CSRF) vulnerability in the Admin web interface in OpenVPN Access Server before 1.8.5 allows remote attackers to hijack the authentication of administrators for requests that create administrative users.

References

http://secunia.com/advisories/52802

third-party-advisoryx_refsource_SECUNIA

http://osvdb.org/93111

vdb-entryx_refsource_OSVDB

http://openvpn.net/index.php/access-server/download-openv...

x_refsource_CONFIRM

Timeline

Vulnerability published
May 13, 2014
Vulnerability Reserved
Mar 26, 2013