Oneuptime
CVE-2024-29194
HIGH
Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
Primary rating from Vendor (github) · only source for this CVE.
CVSS VectorVendor: github
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
Lifecycle Timeline
1Blast Radius
ecosystem impact- 2 npm packages depend on @oneuptime/model (2 direct, 0 indirect)
Ecosystem-wide dependent count for version 7.0.1815.
DescriptionCVE.org
OneUptime is a solution for monitoring and managing online services. The vulnerability lies in the improper validation of client-side stored data within the web application. Specifically, the is_master_admin key, stored in the local storage of the browser, can be manipulated by an attacker. By changing this key from false to true, the application grants administrative privileges to the user, without proper server-side validation. This has been patched in 7.0.1815.
AnalysisAI
OneUptime is a solution for monitoring and managing online services. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
Technical ContextAI
This vulnerability is classified under CWE-639. OneUptime is a solution for monitoring and managing online services. The vulnerability lies in the improper validation of client-side stored data within the web application. Specifically, the is_master_admin key, stored in the local storage of the browser, can be manipulated by an attacker. By changing this key from false to true, the application grants administrative privileges to the user, without proper server-side validation. This has been patched in 7.0.1815. Affected products include: Hackerbay Oneuptime.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
OS command injection in OneUptime monitoring platform before 10.0.7. Authenticated users can execute arbitrary commands
OneUptime prior to 10.0.21 has a fourth vulnerability in Synthetic monitoring exposing dangerous functionality.
Code injection in OneUptime monitoring via custom JS monitor using vm module. PoC and patch available.
OneUptime monitoring platform prior to 10.0.18 allows code injection (CVSS 9.9) enabling RCE through the monitoring conf
OneUptime prior to 10.0.21 has a third authorization bypass enabling low-privileged users to access admin functions.
OneUptime prior to 10.0.20 exposes dangerous functionality in Synthetic monitoring that enables code execution.
OneUptime is a solution for monitoring and managing online services. Rated high severity (CVSS 8.8), this vulnerability
OneUptime versions prior to 10.0.19 allow unauthenticated attackers to hijack GitHub App integrations across projects by
OneUptime versions 10.0.11 and earlier contain an improper WebAuthn implementation where server-side challenge validatio
Unauthenticated path traversal in OneUptime versions before 10.0.21 allows remote attackers to read arbitrary files from
OneUptime is a solution for monitoring and managing online services. Rated medium severity (CVSS 6.9), this vulnerabilit
SQL injection in OneUptime telemetry API before 10.0.23.
Same technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today