Information Disclosure Vulnerability in Progress Software's WhatsUp Gold
CVE-2024-12105

6.5MEDIUM

Key Information:

Vendor: Progress Software
Status: Whatsup Gold
Vendor: CVE Published:; 31 December 2024

🔔 Create Progress Software Vulnerability Alert

What is CVE-2024-12105?

In specific versions of WhatsUp Gold managed by Progress Software, an issue exists where authenticated users can exploit specially crafted HTTP requests. This can potentially lead to unauthorized information disclosure, compromising sensitive data. It is crucial for users and administrators of WhatsUp Gold to be aware of these vulnerabilities and apply the necessary updates to maintain system integrity.

Affected Version(s)

WhatsUp Gold Windows 2023.1.0

References

https://www.progress.com/network-monitoring

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 31, 2024
Vulnerability Reserved
Dec 3, 2024

Credit

Marcin 'Icewall' Noga of Cisco Talos