{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T14:15:23.685","vulnerabilities":[{"cve":{"id":"CVE-2020-36382","sourceIdentifier":"security@openvpn.net","published":"2021-06-04T11:15:07.790","lastModified":"2024-11-21T05:29:22.280","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"OpenVPN Access Server 2.7.3 to 2.8.7 allows remote attackers to trigger an assert during the user authentication phase via incorrect authentication token data in an early phase of the user authentication resulting in a denial of service."},{"lang":"es","value":"OpenVPN Access Server versiones 2.7.3 a 2.8.7, permite a atacantes remotos desencadenar una aserción durante la fase de autenticación del usuario por medio de datos de token de autenticación incorrectos en una fase temprana de la autenticación del usuario, resultando en una denegación de servicio"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:P","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"security@openvpn.net","type":"Secondary","description":[{"lang":"en","value":"CWE-754"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-617"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:openvpn:openvpn_access_server:*:*:*:*:*:*:*:*","versionStartIncluding":"2.7.3","versionEndIncluding":"2.8.7","matchCriteriaId":"5CCB7D6A-6B44-48D0-B392-56292BA7D35C"}]}]}],"references":[{"url":"https://openvpn.net/security-advisory/access-server-security-update-cve-2020-15077-cve-2020-36382/","source":"security@openvpn.net","tags":["Vendor Advisory"]},{"url":"https://openvpn.net/vpn-server-resources/release-notes/","source":"security@openvpn.net","tags":["Release Notes","Vendor Advisory"]},{"url":"https://openvpn.net/security-advisory/access-server-security-update-cve-2020-15077-cve-2020-36382/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://openvpn.net/vpn-server-resources/release-notes/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Vendor Advisory"]}]}}]}