Lucene search
K

4 matches found

OSV
OSV
added 2024/06/25 9:16 p.m.4 views

CVE-2024-5015

In WhatsUp Gold versions released before 2023.1.3, an authenticated SSRF vulnerability in Wug.UI.Areas.Wug.Controllers.SessionControler.Update allows a low privileged user to chain this SSRF with an Improper Access Control vulnerability. This can be used to escalate privileges to Admin...

8.8CVSS5.8AI score0.00525EPSS
Exploits0References2
OSV
OSV
added 2024/06/25 8:15 p.m.4 views

CVE-2024-5011

In WhatsUp Gold versions released before 2023.1.3, an uncontrolled resource consumption vulnerability exists. A specially crafted unauthenticated HTTP request to the TestController Chart functionality can lead to denial of service...

7.5CVSS5.8AI score0.47092EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/06/25 12:0 a.m.10 views

PT-2024-33960 · Ipswitch · Whatsup Gold

Name of the Vulnerable Software and Affected Versions: WhatsUp Gold versions prior to 2023.1.3 Description: An unauthenticated Denial of Service issue was identified, allowing an unauthenticated attacker to put the application into the SetAdminPassword installation step. This renders the...

7.5CVSS7.3AI score0.00847EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/06/25 12:0 a.m.5 views

PT-2024-33982 · Ipswitch · Whatsup Gold

Name of the Vulnerable Software and Affected Versions: WhatsUp Gold versions prior to 2023.1.3 Description: The issue involves an authenticated Server-Side Request Forgery SSRF vulnerability in the Wug.UI.Areas.Wug.Controllers.SessionControler.Update function. This vulnerability can be chained wi...

8.8CVSS7.4AI score0.00525EPSS
Exploits0References6
Rows per page
Query Builder