CVE-2024-42466 – Lack of resources and rate limiting - login
https://notcve.org/view.php?id=CVE-2024-42466
Improper Restriction of Excessive Authentication Attempts vulnerability in upKeeper Solutions product upKeeper Manager allows Authentication Abuse.This issue affects upKeeper Manager: through 5.1.9. • https://support.upkeeper.se/hc/en-us/articles/15432408367260-CVE-2024-42466-Lack-of-resources-and-rate-limiting-login • CWE-307: Improper Restriction of Excessive Authentication Attempts •
CVE-2024-42465 – Lack of resources and rate limiting - two factor authentication
https://notcve.org/view.php?id=CVE-2024-42465
Improper Restriction of Excessive Authentication Attempts vulnerability in upKeeper Solutions product upKeeper Manager allows Authentication Abuse.This issue affects upKeeper Manager: through 5.1.9. • https://support.upkeeper.se/hc/en-us/articles/15432332385564-CVE-2024-42465-Lack-of-resources-and-rate-limiting-two-factor-authentication • CWE-307: Improper Restriction of Excessive Authentication Attempts •
CVE-2024-42464 – Leak of user information
https://notcve.org/view.php?id=CVE-2024-42464
Authorization Bypass Through User-Controlled Key vulnerability in upKeeper Solutions product upKeeper Manager allows Utilizing REST's Trust in the System Resource to Obtain Sensitive Data.This issue affects upKeeper Manager: through 5.1.9. • https://support.upkeeper.se/hc/en-us/articles/15432275702044-CVE-2024-42464-Leak-of-user-Information • CWE-639: Authorization Bypass Through User-Controlled Key •
CVE-2024-42463 – Leak of organizations messages
https://notcve.org/view.php?id=CVE-2024-42463
Authorization Bypass Through User-Controlled Key vulnerability in upKeeper Solutions product upKeeper Manager allows Utilizing REST's Trust in the System Resource to Obtain Sensitive Data.This issue affects upKeeper Manager: through 5.1.9. • https://support.upkeeper.se/hc/en-us/articles/15432241822620-CVE-2024-42463-Leak-of-organizations-messages • CWE-639: Authorization Bypass Through User-Controlled Key •
CVE-2024-42462 – Bypass multifactor authentication
https://notcve.org/view.php?id=CVE-2024-42462
Improper Authentication vulnerability in upKeeper Solutions product upKeeper Manager allows Authentication Bypass.This issue affects upKeeper Manager: through 5.1.9. • https://support.upkeeper.se/hc/en-us/articles/15432045399452-CVE-2024-42462-Bypass-multifactor-authentication • CWE-287: Improper Authentication •