Primary

Context

upKeeper Solutions upKeeper Manager Insertion of Sensitive Information into Log File Vulnerability

Vulnerability

Patched

A vulnerability exists in upKeeper Solutions upKeeper Manager versions 5.2.0 prior to 5.2.12, allowing sensitive user information to be logged when clients connect from upKeeper Manager DSOS. This issue enables the use of known domain credentials to access the logged information.

Impact

Exploitation of this vulnerability allows for the unauthorized use of logged sensitive information to request additional details about client computers from the upKeeper Manager Client API.

Remediation

Users can update upKeeper Manager to version 5.2.13.1 or later to address this vulnerability.

Added: Nov 19, 2025, 9:20 AM

Updated: Nov 19, 2025, 9:20 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.7

remediation

7.7

relevance

1.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.7

remediation

7.7

relevance

1.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

upKeeper Solutions upKeeper Manager Insertion of Sensitive Information into Log File Vulnerability

Vulnerability

Impact

Remediation

Affected Products

upKeeper Solutions upKeeper Manager

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating