Primary

Context

upKeeper Manager Sensitive Information Log Insertion Vulnerability

Vulnerability

Patched

A vulnerability allowing the insertion of sensitive information into log files has been identified in upKeeper Manager versions 5.0.0 prior to 5.2.12. This issue arises from the administration web or API, where users can access event history containing sensitive data. The vulnerability could be exploited to use this information for unauthorized access to file shares and their contents.

Impact

Exploitation of this vulnerability could lead to unauthorized access to file shares and their files, using information obtained from the event history.

Remediation

Users can update to version 5.2.13.1 or later to address this vulnerability.

Added: Sep 3, 2025, 7:22 AM

Updated: Sep 3, 2025, 7:22 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

3.3

remediation

7.7

relevance

0.5

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

3.3

remediation

7.7

relevance

0.5

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

upKeeper Manager Sensitive Information Log Insertion Vulnerability

Vulnerability

Impact

Remediation

Affected Products

upKeeper Solutions upKeeper Manager

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating