CVE-2024-12108

Summary

In WhatsUp Gold versions released before 2024.0.2, an attacker can gain access to the WhatsUp Gold server via the public API.

Affected Software

VendorProductVersion RangeStatus
Progress Software CorporationWhatsUp Gold2023.1.0 < 2024.0.2affected

Weaknesses

  • CWE-290: CWE-290 Authentication Bypass by Spoofing

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References