CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-6671

In WhatsUp Gold versions released before 2024.0.0, if the application is configured with only a single user, a SQL Injection vulnerability allows an unauthenticated attacker to retrieve the users encrypted password.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.1

EPSS Ranking 92.7%

CVSS Severity

CVSS v3 Score 9.8

References

https://community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-August-2024
https://www.progress.com/network-monitoring

Products affected by CVE-2024-6671

Progress » Whatsup Gold » Version: 23.1.0

cpe:2.3:a:progress:whatsup_gold:23.1.0
Progress » Whatsup Gold » Version: 23.1.1

cpe:2.3:a:progress:whatsup_gold:23.1.1
Progress » Whatsup Gold » Version: 23.1.2

cpe:2.3:a:progress:whatsup_gold:23.1.2
Progress » Whatsup Gold » Version: 23.1.3

cpe:2.3:a:progress:whatsup_gold:23.1.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-6671

Products

Pricing

Contact Us