Unauthenticated Denial of Service Vulnerability in OpenVPN 2.3.12 and Newer

Unauthenticated Denial of Service Vulnerability in OpenVPN 2.3.12 and Newer

CVE-2017-7478 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

OpenVPN version 2.3.12 and newer is vulnerable to unauthenticated Denial of Service of server via received large control packet. Note that this issue is fixed in 2.3.15 and 2.4.2.

Learn more about our Cis Benchmark Audit For Server Software.