CVE-2024-26330

An issue was discovered in Kape CyberGhostVPN 8.4.3.12823 on Windows. After a successful logout, user credentials remain in memory while the process is still open, and can be obtained by dumping the process memory and parsing it.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.5 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
CISA-ADPADP
6.5 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 51%
Common Weakness Enumeration
References
https://www.secuvera.de/advisories/secuvera-SA-2024-04.md
https://www.secuvera.de/advisories/secuvera-SA-2024-04.txt
https://www.secuvera.de/advisories/secuvera-SA-2024-04.md
https://www.secuvera.de/advisories/secuvera-SA-2024-04.txt