Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-24974


The interactive service in OpenVPN 2.6.9 and earlier allows the OpenVPN service pipe to be accessed remotely, which allows a remote attacker to interact with the privileged OpenVPN interactive service.


Published

2024-07-08T11:15:10.103

Last Modified

2024-11-21T09:00:04.127

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

Weaknesses
  • Type: Secondary
    CWE-923
  • Type: Primary
    NVD-CWE-Other

Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application openvpn openvpn < 2.5.10 Yes
Application openvpn openvpn < 2.6.10 Yes

References