Progress WhatsUp Gold 23.1.3

CPE Details

Progress WhatsUp Gold 23.1.3
progress
whatsup_gold
23.1.3
2024-08-27
15h48 +00:00
2024-08-27
15h48 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:progress:whatsup_gold:23.1.3:*:*:*:*:*:*:*

Informations

Vendor

progress

Product

whatsup_gold

Version

23.1.3

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2024-12105 2024-12-31 10h32 +00:00 In WhatsUp Gold versions released before 2024.0.2, an authenticated user can use a specially crafted HTTP request that can lead to information disclosure.
6.5
Moyen
CVE-2024-12106 2024-12-31 10h32 +00:00 In WhatsUp Gold versions released before 2024.0.2, an unauthenticated attacker can configure LDAP settings.
9.4
Critique
CVE-2024-12108 2024-12-31 10h31 +00:00 In WhatsUp Gold versions released before 2024.0.2, an attacker can gain access to the WhatsUp Gold server via the public API.
9.6
Critique
CVE-2024-8785 2024-12-02 14h49 +00:00 In WhatsUp Gold versions released before 2024.0.1, a remote unauthenticated attacker could leverage NmAPI.exe to create or change an existing registry value in registry path HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Ipswitch\.
9.8
Critique
CVE-2024-46909 2024-12-02 14h46 +00:00 In WhatsUp Gold versions released before 2024.0.1, a remote unauthenticated attacker could leverage this vulnerability to execute code in the context of the service account.
9.8
Critique
CVE-2024-46905 2024-12-02 14h45 +00:00 In WhatsUp Gold versions released before 2024.0.1, a SQL Injection vulnerability allows an authenticated lower-privileged user (at least Network Manager permissions required) to achieve privilege escalation to the admin account.
8.8
Haute
CVE-2024-46906 2024-12-02 14h44 +00:00 In WhatsUp Gold versions released before 2024.0.1, a SQL Injection vulnerability allows an authenticated low-privileged user (at least Report Viewer permissions required) to achieve privilege escalation to the admin account.
8.8
Haute
CVE-2024-46907 2024-12-02 14h42 +00:00 In WhatsUp Gold versions released before 2024.0.1, a SQL Injection vulnerability allows an authenticated low-privileged user (at least Report Viewer permissions required) to achieve privilege escalation to the admin account.
8.8
Haute
CVE-2024-46908 2024-12-02 14h40 +00:00 In WhatsUp Gold versions released before 2024.0.1, a SQL Injection vulnerability allows an authenticated low-privileged user (at least Report Viewer permissions required) to achieve privilege escalation to the admin account.
8.8
Haute
CVE-2024-7763 2024-10-24 20h11 +00:00 In WhatsUp Gold versions released before 2024.0.0,  an Authentication Bypass issue exists which allows an attacker to obtain encrypted user credentials.
9.8
Critique
CVE-2024-6672 2024-08-29 22h07 +00:00 In WhatsUp Gold versions released before 2024.0.0, a SQL Injection vulnerability allows an authenticated low-privileged attacker to achieve privilege escalation by modifying a privileged user's password.
8.8
Haute
CVE-2024-6671 2024-08-29 22h06 +00:00 In WhatsUp Gold versions released before 2024.0.0, if the application is configured with only a single user, a SQL Injection vulnerability allows an unauthenticated attacker to retrieve the users encrypted password.
9.8
Critique
CVE-2024-6670 2024-08-29 22h04 +00:00 In WhatsUp Gold versions released before 2024.0.0, a SQL Injection vulnerability allows an unauthenticated attacker to retrieve the users encrypted password.
9.8
Critique