exploitDog

CVE-2024-42463

Опубликовано: 16 авг. 2024

Источник: nvd

CVSS3: 6.5

EPSS Низкий

Описание

Authorization Bypass Through User-Controlled Key vulnerability in upKeeper Solutions product upKeeper Manager allows Utilizing REST's Trust in the System Resource to Obtain Sensitive Data.This issue affects upKeeper Manager: through 5.1.9.

Ссылки

https://support.upkeeper.se/hc/en-us/articles/15432241822620-CVE-2024-42463-Leak-of-organizations-messages
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:upkeeper:upkeeper_manager:*:*:*:*:*:*:*:*

Версия до 5.1.10 (исключая)

EPSS

Процентиль: 30%

0.00112

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-639

CWE-639

Связанные уязвимости

GHSA-fhxh-jfcp-fmv9

CVSS3: 6.5

github

больше 1 года назад

Authorization Bypass Through User-Controlled Key vulnerability in upKeeper Solutions product upKeeper Manager allows Utilizing REST's Trust in the System Resource to Obtain Sensitive Data.This issue affects upKeeper Manager: through 5.1.9.

EPSS

Процентиль: 30%

0.00112

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-639

CWE-639