Описание
In Progress Ipswitch WhatsUp Gold 21.0.0 through 21.1.1, and 22.0.0, it is possible for an unauthenticated attacker to invoke an API transaction that would allow them to relay encrypted WhatsUp Gold user credentials to an arbitrary host.
Ссылки
- Vendor Advisory
- Product
- Vendor Advisory
- Product
Уязвимые конфигурации
Конфигурация 1Версия от 21.0.0 (включая) до 21.1.1 (включая)
Одно из
cpe:2.3:a:progress:whatsup_gold:*:*:*:*:*:*:*:*
cpe:2.3:a:progress:whatsup_gold:22.0.0:*:*:*:*:*:*:*
EPSS
Процентиль: 99%
0.84042
Высокий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-918
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
In Progress Ipswitch WhatsUp Gold 21.0.0 through 21.1.1, and 22.0.0, it is possible for an unauthenticated attacker to invoke an API transaction that would allow them to relay encrypted WhatsUp Gold user credentials to an arbitrary host.
EPSS
Процентиль: 99%
0.84042
Высокий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-918