CVE-2025-8663 HIGH

CVE-2025-8663

Vendor Upkeeper Solutions
Product upKeeper Manager
Weakness CWE-532 · Sensitive info in logs
Published September 3, 2025
Last update September 3, 2025

CVSS base score

8.8/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/S:N

What the vulnerability does

01Description

Insertion of Sensitive Information into Log File vulnerability in upKeeper Solutions upKeeper Manager allows Use of Known Domain Credentials.This issue affects upKeeper Manager: from 5.0.0 before 5.2.12.

Key dates

02Disclosure timeline

September 3, 2025 CVE published
September 3, 2025 Record updated