Vulnerability Details CVE-2024-5009
In WhatsUp Gold versions released before 2023.1.3, an Improper Access Control vulnerability in Wug.UI.Controllers.InstallController.SetAdminPassword allows local attackers to modify admin's password.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.016
EPSS Ranking 80.8%
CVSS Severity
CVSS v3 Score 8.4
References
Products affected by CVE-2024-5009
-
cpe:2.3:a:progress:whatsup_gold:-
-
cpe:2.3:a:progress:whatsup_gold:11
-
cpe:2.3:a:progress:whatsup_gold:15.02
-
cpe:2.3:a:progress:whatsup_gold:16.3
-
cpe:2.3:a:progress:whatsup_gold:16.4
-
cpe:2.3:a:progress:whatsup_gold:17.1.1
-
cpe:2.3:a:progress:whatsup_gold:18.0
-
cpe:2.3:a:progress:whatsup_gold:21.1.0
-
cpe:2.3:a:progress:whatsup_gold:21.1.1
-
cpe:2.3:a:progress:whatsup_gold:21.1.2
-
cpe:2.3:a:progress:whatsup_gold:22.0.0
-
cpe:2.3:a:progress:whatsup_gold:22.0.1
-
cpe:2.3:a:progress:whatsup_gold:22.0.2
-
cpe:2.3:a:progress:whatsup_gold:22.1.0
-
cpe:2.3:a:progress:whatsup_gold:23.0.0
-
cpe:2.3:a:progress:whatsup_gold:23.0.1
-
cpe:2.3:a:progress:whatsup_gold:23.0.2
-
cpe:2.3:a:progress:whatsup_gold:23.1.0
-
cpe:2.3:a:progress:whatsup_gold:23.1.1
-
cpe:2.3:a:progress:whatsup_gold:23.1.2
-
cpe:2.3:a:progress:whatsup_gold:7.0
-
cpe:2.3:a:progress:whatsup_gold:7.03
-
cpe:2.3:a:progress:whatsup_gold:7.04
-
cpe:2.3:a:progress:whatsup_gold:8.0
-
cpe:2.3:a:progress:whatsup_gold:8.01
-
cpe:2.3:a:progress:whatsup_gold:8.03