Vulnerability Details : CVE-2020-25200
Potential exploit
Pritunl 1.29.2145.25 allows attackers to enumerate valid VPN usernames via a series of /auth/session login attempts. Initially, the server will return error 401. However, if the username is valid, then after 20 login attempts, the server will start responding with error 400. Invalid usernames will receive error 401 indefinitely. Note: This has been disputed by the vendor as not a vulnerability. They argue that this is an intended design.
Products affected by CVE-2020-25200
- cpe:2.3:a:pritunl:pritunl:1.29.2145.25:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2020-25200
- EPSS score: 0.18% (probability of exploitation activity in the next 30 days)
- Percentile: ~56% (the proportion of vulnerabilities that are scored at or less)
CVSS scores for CVE-2020-25200
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0 | MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N | 10.0 | 2.9 | NIST | |
5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 3.9 | 1.4 | NIST | |
CWE ids for CVE-2020-25200
- The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor, which exposes security-relevant information about the state of the product, such as whether a particular operation was successful or not. Assigned by: nvd@nist.gov (Primary)
References for CVE-2020-25200
- https://pritunl.com (Pritunl - Open Source Enterprise Distributed OpenVPN, IPsec and WireGuard Server; Vendor Advisory)
- https://github.com/lukaszstu/pritunl/blob/master/CVE-2020-25200 (pritunl/CVE-2020-25200 at master · lukaszstu/pritunl · GitHub; Exploit; Third Party Advisory)
- https://pritunl.com/security (Pritunl - Advanced Security; Vendor Advisory)