Описание
In Progress Ipswitch WhatsUp Gold 17.0.0 through 21.1.1, and 22.0.0, it is possible for an authenticated user to invoke an API transaction that would allow them to read sensitive operating-system attributes from a host that is accessible by the WhatsUp Gold system.
Ссылки
- Vendor Advisory
- Product
- Vendor Advisory
- Product
Уязвимые конфигурации
Конфигурация 1Версия от 17.0.0 (включая) до 21.1.1 (включая)
Одно из
cpe:2.3:a:progress:whatsup_gold:*:*:*:*:*:*:*:*
cpe:2.3:a:progress:whatsup_gold:22.0.0:*:*:*:*:*:*:*
EPSS
Процентиль: 98%
0.56728
Средний
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-918
Связанные уязвимости
CVSS3: 6.5
github
больше 3 лет назад
In Progress Ipswitch WhatsUp Gold 17.0.0 through 21.1.1, and 22.0.0, it is possible for an authenticated user to invoke an API transaction that would allow them to read sensitive operating-system attributes from a host that is accessible by the WhatsUp Gold system.
EPSS
Процентиль: 98%
0.56728
Средний
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-918