OpenVPN Connect versions before 3.4.0.4506 (macOS) and OpenVPN Connect before 3.4.0.3100 (Windows) allows man-in-the-middle attackers to intercept configuration profile download requests which contains the users credentials
CPE | Name | Operator | Version |
---|---|---|---|
connect | lt | 3.4.0.4506 | |
connect | lt | 3.4.0.3121 |