This issue does not affect Red Hat Enterprise Linux 5, 6 and 7 as OpenVPN is not included in any of Red Hat's supported products.
CVSS v3 metrics
NOTE: The following CVSS v3 metrics and score provided are preliminary and subject to review.
|CVSS3 Base Score||7.5|
|CVSS3 Base Metrics||CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H|
AcknowledgementsRed Hat would like to thank the OpenVPN project for reporting this issue. Upstream acknowledges Guido Vranken as the original reporter.
CVE description copyright © 2017, The MITRE Corporation