Authentication Bypass Vulnerability in WhatsUp Gold (Before 2024.0.0)
CVE-2024-7763

7.5HIGH

Key Information:

Vendor: Progress Software
Status: Whatsup Gold
Vendor: CVE Published:; 24 October 2024

Summary

An Authentication Bypass vulnerability in WhatsUp Gold allows attackers to exploit the issue in versions released before 2024.0.0. This flaw enables unauthorized individuals to gain access to encrypted user credentials, potentially compromising sensitive information. Organizations using affected versions should seek to apply the latest security updates and ensure proper security protocols are in place.

Affected Version(s)

WhatsUp Gold Windows 2023.1.0

References

https://www.progress.com/network-monitoring

product

https://community.progress.com/s/article/WhatsUp-Gold-Sec...

vendor-advisory

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 24, 2024

Collectors

NVD DatabaseMitre Database

Credit

Sina Kheirkhah (@SinSinology) of Summoning Team (@SummoningTeam) working with Trend Micro Zero Day Initiative