CVE-2024-42463

Authorization Bypass Through User-Controlled Key vulnerability in upKeeper Solutions product upKeeper Manager allows Utilizing REST's Trust in the System Resource to Obtain Sensitive Data.This issue affects upKeeper Manager: through 5.1.9.
Configurations

Configuration 1 (hide)

cpe:2.3:a:upkeeper:upkeeper_manager:*:*:*:*:*:*:*:*

History

28 Aug 2024, 20:38

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 6.5
CPE cpe:2.3:a:upkeeper:upkeeper_manager:*:*:*:*:*:*:*:*
References () https://support.upkeeper.se/hc/en-us/articles/15432241822620-CVE-2024-42463-Leak-of-organizations-messages - () https://support.upkeeper.se/hc/en-us/articles/15432241822620-CVE-2024-42463-Leak-of-organizations-messages - Vendor Advisory
First Time Upkeeper
Upkeeper upkeeper Manager

19 Aug 2024, 13:00

Type Values Removed Values Added
Summary
  • (es) Vulnerabilidad de omisión de autorización a través de clave controlada por el usuario en el producto upKeeper Solutions, upKeeper Manager permite utilizar la confianza de REST en el recurso de System para obtener datos confidenciales. Este problema afecta a upKeeper Manager: hasta 5.1.9.

16 Aug 2024, 14:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-08-16 14:15

Updated : 2024-08-28 20:38


NVD link : CVE-2024-42463

Mitre link : CVE-2024-42463

CVE.ORG link : CVE-2024-42463


JSON object : View

Products Affected

upkeeper

  • upkeeper_manager
CWE
CWE-639

Authorization Bypass Through User-Controlled Key