CVE-2024-13454

EUVD-2024-51611
Weak encryption algorithm in Easy-RSA version 3.0.5 through 3.1.7 allows a local attacker to more easily bruteforce the private CA key when created using OpenSSL 3
| Provider | Type | Base Score | Atk. Vector | Atk. Complexity | Priv. Required | Vector |
|---|---|---|---|---|---|---|
| NIST | Primary | 5.3 MEDIUM | LOCAL | LOW | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L |
| CISA-ADP | ADP | 5.3 MEDIUM | LOCAL | LOW | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L |
EPSS Score
Percentile: 2%
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| openvpn | easy-rsa | 3.0.5 ≤ 𝑥 ≤ 3.1.7 |

𝑥 = Vulnerable software versions
Debian Releases
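| Debian Product | Codename | Version | Status |
|---|---|---|---|
| easy-rsa | bookworm | | no-dsa |
| easy-rsa | bullseye | 3.0.8-1 | not-affected |
| easy-rsa | forky | 3.2.5-1 | fixed |
| easy-rsa | sid | 3.2.5-1 | fixed |
| easy-rsa | trixie | 3.2.2-1 | fixed |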