OpenVPN AS Insufficient Session Expiration Vulnerability - CVE-2020-15074 - Vulnerability Database

OpenVPN AS Insufficient Session Expiration Vulnerability - CVE-2020-15074

High
Reference: CVE-2020-15074
Title: OpenVPN AS Insufficient Session Expiration Vulnerability
Overview:

OpenVPN Access Server older than version 2.8.4 and version 2.9.5 generates new user authentication tokens instead of reusing exiting tokens on reconnect making it possible to circumvent the initial token expiry timestamp.