OpenVPN Access Server before 2.11 uses a weak random generator used to create user session token for the web portalReferenceshttps://openvpn.net/vpn-server-resources/release-notes/#openvpn-access-server-2-11-0
