Progress: >> Whatsup Gold >> 23.1.3 Security Vulnerabilities
In WhatsUp Gold versions released before 2024.0.0,
an Authentication Bypass issue exists which allows an attacker to obtain encrypted user credentials.
CVSS Score
9.8
EPSS Score
0.001
Published
2024-10-24
CVE-2024-6670
In WhatsUp Gold versions released before 2024.0.0, a SQL Injection vulnerability allows an unauthenticated attacker to retrieve the users encrypted password.
Known exploited
CVSS Score
9.8
EPSS Score
0.945
Published
2024-08-29
In WhatsUp Gold versions released before 2024.0.0, if the application is configured with only a single user, a SQL Injection vulnerability allows an unauthenticated attacker to retrieve the users encrypted password.
CVSS Score
9.8
EPSS Score
0.039
Published
2024-08-29
In WhatsUp Gold versions released before 2024.0.0, a SQL Injection vulnerability allows an authenticated low-privileged attacker to achieve privilege escalation by modifying a privileged user's password.
CVSS Score
8.8
EPSS Score
0.013
Published
2024-08-29
Page 2