{"vulnerability": "CVE-2024-8474", "sightings": [{"uuid": "36ba6070-ab88-428e-80f0-01104349c154", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8474", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lf4qkdqbht2m", "content": "", "creation_timestamp": "2025-01-07T03:49:10.068226Z"}, {"uuid": "a29b4361-cdca-43f8-8db0-a9a1fdb24d23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8474", "type": "seen", "source": "https://bsky.app/profile/eyeofhorusc.bsky.social/post/3lfa7jl2uis2q", "content": "", "creation_timestamp": "2025-01-08T12:55:17.448599Z"}, {"uuid": "0010845c-5d02-4620-b933-49ac53ece812", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8474", "type": "seen", "source": "https://threatintel.cc/2025/01/08/openvpn-connect-vulnerability-let-attackers.html", "content": "", "creation_timestamp": "2025-01-08T12:46:57.000000Z"}, {"uuid": "8e4515d8-ddfe-4918-a14b-f50c9b8afcec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8474", "type": "seen", "source": "https://bsky.app/profile/dinosn.bsky.social/post/3lf4ssfmzwk22", "content": "", "creation_timestamp": "2025-01-07T04:29:31.102976Z"}, {"uuid": "6323d60a-87d0-488a-9fbc-16beb23d3817", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8474", "type": "seen", "source": "https://bsky.app/profile/elhackernet.extwitter.link/post/3lf5mcffpzs26", "content": "", "creation_timestamp": "2025-01-07T12:05:48.099119Z"}, {"uuid": "6bdc83af-a440-4e83-aca8-057d6a785f49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8474", "type": "seen", "source": "https://bsky.app/profile/bolhasec.com/post/3lf5b5z4pov2y", "content": "", "creation_timestamp": "2025-01-07T08:46:30.072425Z"}, {"uuid": "0967ba4d-9e06-4189-b221-8c0d9dbc7c1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-8474", "type": "seen", "source": "https://bsky.app/profile/kyosuke-tanaka.bsky.social/post/3lf4ybyhcrs26", "content": "", "creation_timestamp": "2025-01-07T06:07:40.005955Z"}, {"uuid": "74caa6ea-8db6-4bf8-a195-0e51760d9afe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-8474", "type": "seen", "source": "https://bsky.app/profile/kyosuke-tanaka.bsky.social/post/3lf4ycj52uc26", "content": "", "creation_timestamp": "2025-01-07T06:07:57.552115Z"}, {"uuid": "843606ba-e5c4-449c-8dc2-80c142a18d52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8474", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113781914545129480", "content": "", "creation_timestamp": "2025-01-06T14:37:13.684059Z"}, {"uuid": "6887b483-a549-45fb-b176-2af765af7433", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8474", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf3gh2e3sl2m", "content": "", "creation_timestamp": "2025-01-06T15:15:42.867067Z"}, {"uuid": "f640a207-d2dd-4f4f-a59b-f985e10eeecc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8474", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lf3itd5nl52q", "content": "", "creation_timestamp": "2025-01-06T15:58:22.265853Z"}, {"uuid": "19acb1b5-284b-44ef-9bdd-618c5c57645b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8474", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/113782269269131585", "content": "", "creation_timestamp": "2025-01-06T16:07:26.362070Z"}, {"uuid": "fbbdf724-dafb-4b46-8f19-5351464e01d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8474", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/166", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: GHSA-qcg2-98h8-485j\n\ud83d\udd17 Aliases: CVE-2024-8474\n\ud83d\udd39 Details: OpenVPN Connect before version 3.5.0 can contain the configuration profile's clear-text private key which is logged in the application log, which an unauthorized actor can use to decrypt the VPN traffic\n\ud83d\uddd3\ufe0f Modified: 2025-01-06T15:31:00Z\n\ud83d\uddd3\ufe0f Published: 2025-01-06T15:31:00Z\n\ud83c\udff7\ufe0f CWE IDs: CWE-212\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-844\n2. https://openvpn.net/connect-docs/android-release-notes.html", "creation_timestamp": "2025-01-06T15:36:33.000000Z"}, {"uuid": "97920b0d-7499-4d69-aecb-4694546d360a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8474", "type": "seen", "source": "https://t.me/CyberBulletin/1989", "content": "\u26a1\ufe0fCVE-2024-8474: OpenVPN Connect Vulnerability Leaks Private Keys.\n\n#CyberBulletin", "creation_timestamp": "2025-01-07T08:15:05.000000Z"}, {"uuid": "a018a5d6-2919-4002-8f17-79b295dd54ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8474", "type": "seen", "source": "https://t.me/cvedetector/14360", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-8474 - OpenVPN Connect Private Key Disclosure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-8474 \nPublished : Jan. 6, 2025, 3:15 p.m. | 31\u00a0minutes ago \nDescription : OpenVPN Connect before version 3.5.0 can contain the configuration profile's clear-text private key which is logged in the application log, which an unauthorized actor can use to decrypt the VPN traffic \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-06T16:55:49.000000Z"}, {"uuid": "5576cfc6-9b19-4a5e-ad90-8041250c041f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8474", "type": "seen", "source": "https://t.me/TheDarkWebInformer/10218", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: GHSA-qcg2-98h8-485j\n\ud83d\udd17 Aliases: CVE-2024-8474\n\ud83d\udd39 Details: OpenVPN Connect before version 3.5.0 can contain the configuration profile's clear-text private key which is logged in the application log, which an unauthorized actor can use to decrypt the VPN traffic\n\ud83d\uddd3\ufe0f Modified: 2025-01-06T15:31:00Z\n\ud83d\uddd3\ufe0f Published: 2025-01-06T15:31:00Z\n\ud83c\udff7\ufe0f CWE IDs: CWE-212\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-844\n2. https://openvpn.net/connect-docs/android-release-notes.html", "creation_timestamp": "2025-01-10T04:23:05.000000Z"}]}