Severity: Critical
CVE ID: CVE-2024-42462
Details
This advisory address a vulnerability in the administration login process where required multi factor authentication can be bypassed. Vulnerability reported and patched in the following upKeeper products.
Applicability
Product Name | Impacted Version(s) | Fixed Version(s) | Released On |
upKeeper Manager* | 5.1.9 and below | 5.1.10 | 2024-07-01 |
* - Applicable only if multi factor authentication is enabled.
Impact
This vulnerability allows an unauthenticated user to access the system.
Fix
This issue can be fixed by updating upKeeper Manager to the latest version.
Acknowledgements
This vulnerability was reported by Eslam Mohamed and Eslam Kamal.
Please contact our security team (secure@upkeeper.se) for security related questions and product support (help@upkeeper.se) for questions about our products or services.
Comments
0 comments
Article is closed for comments.