OpenVPN Access Server 2.8.7 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks.
[
{
"product": "OpenVPN Access Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2.8.7 and earlier versions"
}
]
}
]