FreeBSD: VID-45a72180-a640-11ec-a08b-85298243e224 (CVE-2022-0547): openvpn -- Potential authentication by-pass with multiple deferred authentication plug-ins
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:L/Au:N/C:P/I:P/A:P) | Mar 17, 2022 | Nov 4, 2022 | Dec 10, 2025 |
Description
David Sommerseth reports: OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials. This issue is resolved in OpenVPN 2.4.12 and v2.5.6.
Solutions
freebsd-upgrade-package-openvpn, freebsd-upgrade-package-openvpn-mbedtls