Information Disclosure Vulnerability in Progress Software's WhatsUp Gold
CVE-2024-12105

6.5MEDIUM

Key Information:

Vendor: Progress Software
Status: Whatsup Gold
Vendor: CVE Published:; 31 December 2024

Summary

In specific versions of WhatsUp Gold managed by Progress Software, an issue exists where authenticated users can exploit specially crafted HTTP requests. This can potentially lead to unauthorized information disclosure, compromising sensitive data. It is crucial for users and administrators of WhatsUp Gold to be aware of these vulnerabilities and apply the necessary updates to maintain system integrity.

Affected Version(s)

WhatsUp Gold Windows 2023.1.0

References

https://www.progress.com/network-monitoring

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 31, 2024
Vulnerability Reserved
Dec 3, 2024

Collectors

NVD DatabaseMitre Database

Credit

Marcin 'Icewall' Noga of Cisco Talos