Lucene search

K
ProgressWhatsup Gold

9 matches found

CVE
CVE
added 2024/12/31 11:15 a.m.97 views

CVE-2024-12108

In WhatsUp Gold versions released before 2024.0.2, an attacker can gain access to the WhatsUp Gold server via the public API.

9.6CVSS9.4AI score0.00805EPSS
CVE
CVE
added 2024/12/02 3:15 p.m.79 views

CVE-2024-8785

In WhatsUp Gold versions released before 2024.0.1, a remote unauthenticated attacker could leverage NmAPI.exe to create or change an existing registry value in registry path HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Ipswitch.

9.8CVSS9.5AI score0.00154EPSS
CVE
CVE
added 2024/12/31 11:15 a.m.56 views

CVE-2024-12105

In WhatsUp Gold versions released before 2024.0.2, an authenticated user can use a specially crafted HTTP request that can lead to information disclosure.

6.5CVSS6.2AI score0.00389EPSS
CVE
CVE
added 2024/12/02 3:15 p.m.49 views

CVE-2024-46909

In WhatsUp Gold versions released before 2024.0.1, a remote unauthenticated attacker could leverage this vulnerability to execute code in the context of the service account.

9.8CVSS9.6AI score0.02353EPSS
CVE
CVE
added 2024/12/02 3:15 p.m.48 views

CVE-2024-46905

In WhatsUp Gold versions released before 2024.0.1, a SQL Injection vulnerability allows an authenticated lower-privileged user (at least Network Manager permissions required) to achieve privilege escalation to the admin account.

8.8CVSS9.1AI score0.01117EPSS
CVE
CVE
added 2024/12/31 11:15 a.m.47 views

CVE-2024-12106

In WhatsUp Gold versions released before 2024.0.2, an unauthenticated attacker can configure LDAP settings.

9.4CVSS9.4AI score0.01387EPSS
CVE
CVE
added 2024/12/02 3:15 p.m.46 views

CVE-2024-46906

In WhatsUp Gold versions released before 2024.0.1, a SQL Injection vulnerability allows an authenticated low-privileged user (at least Report Viewer permissions required) to achieve privilege escalation to the admin account.

8.8CVSS9.1AI score0.01205EPSS
CVE
CVE
added 2024/12/02 3:15 p.m.46 views

CVE-2024-46907

In WhatsUp Gold versions released before 2024.0.1, a SQL Injection vulnerability allows an authenticated low-privileged user (at least Report Viewer permissions required) to achieve privilege escalation to the admin account.

8.8CVSS9.1AI score0.01205EPSS
CVE
CVE
added 2024/12/02 3:15 p.m.46 views

CVE-2024-46908

In WhatsUp Gold versions released before 2024.0.1, a SQL Injection vulnerability allows an authenticated low-privileged user (at least Report Viewer permissions required) to achieve privilege escalation to the admin account.

8.8CVSS9.1AI score0.01273EPSS