Unrated severityNVD Advisory· Published Jan 6, 2025· Updated Jan 6, 2025
CVE-2024-8474
CVE-2024-8474
Description
OpenVPN Connect before version 3.5.0 can contain the configuration profile's clear-text private key which is logged in the application log, which an unauthorized actor can use to decrypt the VPN traffic
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- OpenVPN/OpenVPN Connectv5Range: 0
Patches
Vulnerability mechanics
References
1- openvpn.net/connect-docs/android-release-notes.htmlmitrerelease-notes
News mentions
0No linked articles in our index yet.