Vulnerability Details : CVE-2017-5868
Potential exploit
CRLF injection vulnerability in the web interface in OpenVPN Access Server 2.1.4 allows remote attackers to inject arbitrary HTTP headers and consequently conduct session fixation attacks and possibly HTTP response splitting attacks via "%0A" characters in the PATH_INFO to __session_start__/.
Products affected by CVE-2017-5868
- cpe:2.3:a:openvpn:openvpn_access_server:2.1.4:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2017-5868
5.51%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 89 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2017-5868
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.3
|
MEDIUM | AV:N/AC:M/Au:N/C:N/I:P/A:N |
8.6
|
2.9
|
NIST | |
6.1
|
MEDIUM | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
2.8
|
2.7
|
NIST |
CWE ids for CVE-2017-5868
-
The product uses CRLF (carriage return line feeds) as a special element, e.g. to separate lines or records, but it does not neutralize or incorrectly neutralizes CRLF sequences from inputs.Assigned by: nvd@nist.gov (Primary)
References for CVE-2017-5868
-
http://www.openwall.com/lists/oss-security/2017/05/23/13
oss-security - [CVE-2017-5868] OpenVPN Access Server : CRLF injection with Session fixationExploit;Mailing List;Third Party Advisory
-
https://sysdream.com/news/lab/2017-05-05-cve-2017-5868-openvpn-access-server-crlf-injection-with-session-fixation/
Sysdream, [CVE-2017-5868] OpenVPN Access Server : CRLF injection with Session fixationExploit;Mitigation;Third Party Advisory
-
http://www.securitytracker.com/id/1038547
OpenVPN Access Server Input Validation Flaw Lets Remote Users Conduct Session Fixation Attacks to Hijack a Target User's Session - SecurityTrackerThird Party Advisory;VDB Entry
Jump to