Lucene search
ProgressSoftwareCVELIST:CVE-2024-4883HistoryJun 25, 2024 - 7:44 p.m.
CVE-2024-4883 WhatsUp Gold WriteDataFile Directory Traversal Remote Code Execution Vulnerability
2024-06-2519:44:42
CWE-94
CWE-78
CWE-77
ProgressSoftware
www.cve.org
4
whatsup gold
rce
vulnerability
directory traversal
remote code execution
progress whatsup gold
nmapi.exe
unauthenticated attacker
service account
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
9.8%
In WhatsUp Gold versions released before 2023.1.3, a Remote Code Execution issue exists in Progress WhatsUp Gold. This vulnerability allows an unauthenticated attacker to achieve the RCE as a service account through NmApi.exe.
CNA Affected
[
{
"defaultStatus": "affected",
"modules": [
"API Endpoint"
],
"platforms": [
"Windows"
],
"product": "WhatsUp Gold",
"vendor": "Progress Software Corporation",
"versions": [
{
"lessThan": "2023.1.3",
"status": "affected",
"version": "2023.1.0",
"versionType": "semver"
}
]
}
]Related
cve
cve
CVE-2024-4883
2024-06-25 20:15:12
nvd
nvd
CVE-2024-4883
2024-06-25 20:15:12
vulnrichment
vulnrichment
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
9.8%
Related for CVELIST:CVE-2024-4883