CVE-2024-42464

Authorization Bypass Through User-Controlled Key vulnerability in upKeeper Solutions product upKeeper Manager allows Utilizing REST's Trust in the System Resource to Obtain Sensitive Data.This issue affects upKeeper Manager: through 5.1.9.
Configurations

Configuration 1 (hide)

cpe:2.3:a:upkeeper:upkeeper_manager:*:*:*:*:*:*:*:*

History

28 Aug 2024, 20:35

Type Values Removed Values Added
CPE cpe:2.3:a:upkeeper:upkeeper_manager:*:*:*:*:*:*:*:*
References () https://support.upkeeper.se/hc/en-us/articles/15432275702044-CVE-2024-42464-Leak-of-user-Information - () https://support.upkeeper.se/hc/en-us/articles/15432275702044-CVE-2024-42464-Leak-of-user-Information - Vendor Advisory
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 6.5
First Time Upkeeper
Upkeeper upkeeper Manager

19 Aug 2024, 13:00

Type Values Removed Values Added
Summary
  • (es) Vulnerabilidad de omisión de autorización a través de clave controlada por el usuario en el producto upKeeper Solutions, upKeeper Manager permite utilizar la confianza de REST en el recurso de System para obtener datos confidenciales. Este problema afecta a upKeeper Manager: hasta 5.1.9.

16 Aug 2024, 14:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-08-16 14:15

Updated : 2024-08-28 20:35


NVD link : CVE-2024-42464

Mitre link : CVE-2024-42464

CVE.ORG link : CVE-2024-42464


JSON object : View

Products Affected

upkeeper

  • upkeeper_manager
CWE
CWE-639

Authorization Bypass Through User-Controlled Key