Lucene search
80f39f49-2521-4ee7-9e17-af5d55e8032fNVD:CVE-2024-42463HistoryAug 16, 2024 - 2:15 p.m.
CVE-2024-42463
2024-08-1614:15:13
CWE-639
80f39f49-2521-4ee7-9e17-af5d55e8032f
web.nvd.nist.gov
3
authorization bypass
upkeeper manager
rest trust
sensitive data
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS
0.001
Percentile
18.8%
Authorization Bypass Through User-Controlled Key vulnerability in upKeeper Solutions product upKeeper Manager allows Utilizing REST’s Trust in the System Resource to Obtain Sensitive Data.This issue affects upKeeper Manager: through 5.1.9.
Affected configurations
Node
upkeeperupkeeper_managerRange<5.1.10
| Vendor | Product | Version | CPE |
|---|---|---|---|
| upkeeper | upkeeper_manager | * | cpe:2.3:a:upkeeper:upkeeper_manager:*:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2024-42463 Leak of organizations messages
2024-08-16 13:24:07
cve
cve
CVE-2024-42463
2024-08-16 14:15:13
vulnrichment
vulnrichment
CVE-2024-42463 Leak of organizations messages
2024-08-16 13:24:07
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS
0.001
Percentile
18.8%
Related for NVD:CVE-2024-42463