UpKeeper Manager Vulnerable to Improper Authentication Bypass
CVE-2024-42462

10CRITICAL

Key Information:

Vendor: Upkeeper Solutions
Status: Upkeeper Manager
Vendor: CVE Published:; 16 August 2024

🔔 Create Upkeeper Solutions Vulnerability Alert

What is CVE-2024-42462?

The vulnerability in upKeeper Manager by upKeeper Solutions results from improper authentication mechanisms, specifically allowing unauthorized users to bypass intended authentication processes. This flaw affects all versions up to 5.1.9, potentially exposing sensitive information and granting unauthorized access to critical functionalities within the application. Users are urged to evaluate their current security implementations and update their systems accordingly to mitigate risks associated with this vulnerability.

Affected Version(s)

upKeeper Manager 0 <= 5.1.9

References

https://support.upkeeper.se/hc/en-us/articles/15432045399...

CVSS V4

Score:

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 16, 2024
Vulnerability Reserved
Aug 2, 2024

CVE-2024-42462 Data

JSON