Vulnerability Details CVE-2024-5019
In WhatsUp Gold versions released before 2023.1.3,
an unauthenticated Arbitrary File Read issue exists in Wug.UI.Areas.Wug.Controllers.SessionController.CachedCSS. This vulnerability allows reading of any file with iisapppool\NmConsole privileges.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 41.3%
CVSS Severity
CVSS v3 Score 5.3
References
Products affected by CVE-2024-5019
-
cpe:2.3:a:progress:whatsup_gold:-
-
cpe:2.3:a:progress:whatsup_gold:11
-
cpe:2.3:a:progress:whatsup_gold:15.02
-
cpe:2.3:a:progress:whatsup_gold:16.3
-
cpe:2.3:a:progress:whatsup_gold:16.4
-
cpe:2.3:a:progress:whatsup_gold:17.1.1
-
cpe:2.3:a:progress:whatsup_gold:18.0
-
cpe:2.3:a:progress:whatsup_gold:21.1.0
-
cpe:2.3:a:progress:whatsup_gold:21.1.1
-
cpe:2.3:a:progress:whatsup_gold:21.1.2
-
cpe:2.3:a:progress:whatsup_gold:22.0.0
-
cpe:2.3:a:progress:whatsup_gold:22.0.1
-
cpe:2.3:a:progress:whatsup_gold:22.0.2
-
cpe:2.3:a:progress:whatsup_gold:22.1.0
-
cpe:2.3:a:progress:whatsup_gold:23.0.0
-
cpe:2.3:a:progress:whatsup_gold:23.0.1
-
cpe:2.3:a:progress:whatsup_gold:23.0.2
-
cpe:2.3:a:progress:whatsup_gold:23.1.0
-
cpe:2.3:a:progress:whatsup_gold:23.1.1
-
cpe:2.3:a:progress:whatsup_gold:23.1.2
-
cpe:2.3:a:progress:whatsup_gold:7.0
-
cpe:2.3:a:progress:whatsup_gold:7.03
-
cpe:2.3:a:progress:whatsup_gold:7.04
-
cpe:2.3:a:progress:whatsup_gold:8.0
-
cpe:2.3:a:progress:whatsup_gold:8.01
-
cpe:2.3:a:progress:whatsup_gold:8.03