Описание
In Progress Ipswitch WhatsUp Gold 21.1.0 through 21.1.1, and 22.0.0, it is possible for an authenticated user to invoke an API transaction that would allow them to read the contents of a local file.
Ссылки
- Vendor Advisory
- Product
- Vendor Advisory
- Product
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:progress:whatsup_gold:21.1.0:*:*:*:*:*:*:*
cpe:2.3:a:progress:whatsup_gold:21.1.1:*:*:*:*:*:*:*
cpe:2.3:a:progress:whatsup_gold:22.0.0:*:*:*:*:*:*:*
EPSS
Процентиль: 97%
0.42249
Средний
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-829
Связанные уязвимости
CVSS3: 6.5
github
больше 3 лет назад
In Progress Ipswitch WhatsUp Gold 21.1.0 through 21.1.1, and 22.0.0, it is possible for an authenticated user to invoke an API transaction that would allow them to read the contents of a local file.
EPSS
Процентиль: 97%
0.42249
Средний
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-829