CVE-2024-29194

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-29194
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-29194.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-29194
Aliases
Published
2024-03-24T19:15:07Z
Modified
2024-10-08T04:09:21.056765Z
Summary
[none]
Details

OneUptime is a solution for monitoring and managing online services. The vulnerability lies in the improper validation of client-side stored data within the web application. Specifically, the ismasteradmin key, stored in the local storage of the browser, can be manipulated by an attacker. By changing this key from false to true, the application grants administrative privileges to the user, without proper server-side validation. This has been patched in 7.0.1815.

References

Affected packages

Git / github.com/oneuptime/oneuptime

Affected ranges

Type
GIT
Repo
https://github.com/oneuptime/oneuptime
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
14016d23d834038dd65d3a96cf71af04b556a32c

Affected versions

Other

${CI_PIPELINE_ID}

6.*

6.0.$CI_PIPELINE_ID
6.0.1
6.0.12
6.0.14
6.0.15
6.0.17
6.0.18
6.0.19
6.0.2
6.0.20
6.0.21
6.0.22
6.0.23
6.0.24
6.0.25
6.0.26
6.0.27
6.0.28

7.*

7.0.1000
7.0.1004
7.0.1039
7.0.104
7.0.1055
7.0.106
7.0.1078
7.0.109
7.0.1093
7.0.11
7.0.112
7.0.114
7.0.1143
7.0.1144
7.0.1167
7.0.1174
7.0.1183
7.0.1184
7.0.119
7.0.1191
7.0.1192
7.0.1195
7.0.122
7.0.1225
7.0.1229
7.0.123
7.0.1230
7.0.1243
7.0.1246
7.0.126
7.0.1265
7.0.1290
7.0.1295
7.0.1297
7.0.130
7.0.131
7.0.1326
7.0.1327
7.0.134
7.0.1341
7.0.1353
7.0.137
7.0.1375
7.0.1377
7.0.1378
7.0.1379
7.0.1383
7.0.1388
7.0.139
7.0.1390
7.0.1392
7.0.1393
7.0.1403
7.0.141
7.0.1414
7.0.1430
7.0.1436
7.0.144
7.0.1441
7.0.1461
7.0.1469
7.0.149
7.0.1491
7.0.1494
7.0.1497
7.0.1498
7.0.1499
7.0.1500
7.0.1502
7.0.1505
7.0.1506
7.0.1510
7.0.1513
7.0.1514
7.0.1517
7.0.1528
7.0.1529
7.0.1544
7.0.155
7.0.1555
7.0.1557
7.0.1568
7.0.157
7.0.1581
7.0.1585
7.0.1586
7.0.160
7.0.162
7.0.1633
7.0.1637
7.0.1638
7.0.1642
7.0.1643
7.0.165
7.0.167
7.0.1688
7.0.169
7.0.1694
7.0.1697
7.0.1708
7.0.1709
7.0.1717
7.0.173
7.0.1733
7.0.1740
7.0.1741
7.0.1744
7.0.1745
7.0.1751
7.0.1752
7.0.1758
7.0.1762
7.0.1763
7.0.1765
7.0.1767
7.0.1769
7.0.1775
7.0.1780
7.0.1787
7.0.179
7.0.1790
7.0.1791
7.0.1792
7.0.1794
7.0.1797
7.0.18
7.0.1800
7.0.1803
7.0.182
7.0.183
7.0.193
7.0.197
7.0.200
7.0.201
7.0.204
7.0.207
7.0.21
7.0.213
7.0.219
7.0.224
7.0.228
7.0.231
7.0.239
7.0.290
7.0.291
7.0.294
7.0.296
7.0.297
7.0.298
7.0.315
7.0.316
7.0.318
7.0.321
7.0.324
7.0.328
7.0.333
7.0.334
7.0.335
7.0.336
7.0.339
7.0.341
7.0.344
7.0.346
7.0.348
7.0.35
7.0.350
7.0.352
7.0.354
7.0.355
7.0.358
7.0.360
7.0.361
7.0.362
7.0.363
7.0.365
7.0.366
7.0.367
7.0.368
7.0.369
7.0.370
7.0.371
7.0.372
7.0.373
7.0.374
7.0.375
7.0.376
7.0.377
7.0.378
7.0.379
7.0.38
7.0.380
7.0.381
7.0.382
7.0.384
7.0.39
7.0.393
7.0.395
7.0.398
7.0.399
7.0.403
7.0.404
7.0.407
7.0.409
7.0.410
7.0.413
7.0.414
7.0.416
7.0.419
7.0.422
7.0.423
7.0.426
7.0.427
7.0.431
7.0.432
7.0.435
7.0.437
7.0.438
7.0.47
7.0.528
7.0.529
7.0.53
7.0.530
7.0.533
7.0.534
7.0.537
7.0.538
7.0.54
7.0.542
7.0.543
7.0.546
7.0.548
7.0.549
7.0.55
7.0.551
7.0.556
7.0.557
7.0.559
7.0.56
7.0.563
7.0.566
7.0.567
7.0.568
7.0.57
7.0.572
7.0.575
7.0.576
7.0.580
7.0.581
7.0.586
7.0.587
7.0.590
7.0.591
7.0.592
7.0.595
7.0.596
7.0.599
7.0.601
7.0.602
7.0.606
7.0.608
7.0.612
7.0.613
7.0.616
7.0.617
7.0.620
7.0.621
7.0.622
7.0.625
7.0.626
7.0.629
7.0.636
7.0.640
7.0.645
7.0.647
7.0.650
7.0.653
7.0.654
7.0.657
7.0.658
7.0.662
7.0.664
7.0.667
7.0.668
7.0.67
7.0.672
7.0.675
7.0.678
7.0.680
7.0.683
7.0.685
7.0.689
7.0.69
7.0.690
7.0.693
7.0.695
7.0.698
7.0.71
7.0.72
7.0.723
7.0.724
7.0.725
7.0.729
7.0.730
7.0.734
7.0.738
7.0.739
7.0.743
7.0.747
7.0.748
7.0.75
7.0.753
7.0.755
7.0.756
7.0.759
7.0.76
7.0.761
7.0.762
7.0.765
7.0.766
7.0.774
7.0.775
7.0.778
7.0.782
7.0.79
7.0.791
7.0.796
7.0.797
7.0.8
7.0.804
7.0.81
7.0.810
7.0.813
7.0.814
7.0.817
7.0.818
7.0.82
7.0.823
7.0.826
7.0.829
7.0.834
7.0.835
7.0.838
7.0.840
7.0.841
7.0.844
7.0.849
7.0.85
7.0.851
7.0.859
7.0.86
7.0.865
7.0.868
7.0.873
7.0.875
7.0.89
7.0.890
7.0.892
7.0.894
7.0.90
7.0.905
7.0.907
7.0.911
7.0.912
7.0.918
7.0.927
7.0.929
7.0.931
7.0.943
7.0.944
7.0.948
7.0.949
7.0.953
7.0.954
7.0.955
7.0.959
7.0.961
7.0.965
7.0.966
7.0.972
7.0.973
7.0.977
7.0.979
7.0.98
7.0.984
7.0.996

v4.*

v4.0.0
v4.0.1
v4.0.2