{"api_version":"1","generated_at":"2026-04-23T04:21:13+00:00","cve":"CVE-2017-5868","urls":{"html":"https://cve.report/CVE-2017-5868","api":"https://cve.report/api/cve/CVE-2017-5868.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2017-5868","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2017-5868"},"summary":{"title":"CVE-2017-5868","description":"CRLF injection vulnerability in the web interface in OpenVPN Access Server 2.1.4 allows remote attackers to inject arbitrary HTTP headers and consequently conduct session fixation attacks and possibly HTTP response splitting attacks via \"%0A\" characters in the PATH_INFO to __session_start__/.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2017-05-26 01:29:00","updated_at":"2017-06-06 14:10:00"},"problem_types":["CWE-93"],"metrics":[],"references":[{"url":"http://www.securitytracker.com/id/1038547","name":"1038547","refsource":"SECTRACK","tags":["Third Party Advisory","VDB Entry"],"title":"OpenVPN Access Server Input Validation Flaw Lets Remote Users Conduct Session Fixation Attacks to Hijack a Target User's Session - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.openwall.com/lists/oss-security/2017/05/23/13","name":"[oss-security] 20170523 [CVE-2017-5868] OpenVPN Access Server : CRLF injection with Session fixation","refsource":"MLIST","tags":["Exploit","Mailing List","Third Party Advisory"],"title":"oss-security - [CVE-2017-5868] OpenVPN Access Server : CRLF injection with Session\n fixation","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://sysdream.com/news/lab/2017-05-05-cve-2017-5868-openvpn-access-server-crlf-injection-with-session-fixation/","name":"https://sysdream.com/news/lab/2017-05-05-cve-2017-5868-openvpn-access-server-crlf-injection-with-session-fixation/","refsource":"MISC","tags":["Exploit","Mitigation","Third Party Advisory"],"title":"[CVE-2017-5868] OpenVPN Access Server : CRLF injection with Session fixation - Sysdream","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2017-5868","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5868","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2017","cve_id":"5868","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"openvpn","cpe5":"openvpn_access_server","cpe6":"2.1.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2017","cve_id":"5868","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"openvpn","cpe5":"openvpn_access_server","cpe6":"2.1.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2017-5868","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"CRLF injection vulnerability in the web interface in OpenVPN Access Server 2.1.4 allows remote attackers to inject arbitrary HTTP headers and consequently conduct session fixation attacks and possibly HTTP response splitting attacks via \"%0A\" characters in the PATH_INFO to __session_start__/."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"https://sysdream.com/news/lab/2017-05-05-cve-2017-5868-openvpn-access-server-crlf-injection-with-session-fixation/","refsource":"MISC","url":"https://sysdream.com/news/lab/2017-05-05-cve-2017-5868-openvpn-access-server-crlf-injection-with-session-fixation/"},{"name":"1038547","refsource":"SECTRACK","url":"http://www.securitytracker.com/id/1038547"},{"name":"[oss-security] 20170523 [CVE-2017-5868] OpenVPN Access Server : CRLF injection with Session fixation","refsource":"MLIST","url":"http://www.openwall.com/lists/oss-security/2017/05/23/13"}]}},"nvd":{"publishedDate":"2017-05-26 01:29:00","lastModifiedDate":"2017-06-06 14:10:00","problem_types":["CWE-93"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE","baseScore":6.1,"baseSeverity":"MEDIUM"},"exploitabilityScore":2.8,"impactScore":2.7},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE","baseScore":4.3},"severity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:openvpn:openvpn_access_server:2.1.4:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2017","CveId":"5868","Ordinal":"102461","Title":"CVE-2017-5868","CVE":"CVE-2017-5868","Year":"2017"},"notes":[{"CveYear":"2017","CveId":"5868","Ordinal":"1","NoteData":"CRLF injection vulnerability in the web interface in OpenVPN Access Server 2.1.4 allows remote attackers to inject arbitrary HTTP headers and consequently conduct session fixation attacks and possibly HTTP response splitting attacks via \"%0A\" characters in the PATH_INFO to __session_start__/.","Type":"Description","Title":null},{"CveYear":"2017","CveId":"5868","Ordinal":"2","NoteData":"2017-05-25","Type":"Other","Title":"Published"},{"CveYear":"2017","CveId":"5868","Ordinal":"3","NoteData":"2017-05-25","Type":"Other","Title":"Modified"}]}}}