CVE-2024-12108
CRITICALProgress Whatsup Gold < 24.0.2 - Authentication Bypass by Spoofing
Title source: ruleDescription
In WhatsUp Gold versions released before 2024.0.2, an attacker can gain access to the WhatsUp Gold server via the public API.
References (1)
Scores
CVSS v3
9.6
EPSS
0.1940
EPSS Percentile
95.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
total
Details
CWE
CWE-290
Status
published
Products (1)
progress/whatsup_gold
23.1.0 - 24.0.2
Published
Dec 31, 2024
Tracked Since
Feb 18, 2026