Описание
In WhatsUp Gold versions released before 2024.0.1, a SQL Injection vulnerability allows an authenticated low-privileged user (at least Report Viewer permissions required) to achieve privilege escalation to the admin account.
Уязвимые конфигурации
Конфигурация 1Версия до 24.0.1 (исключая)
cpe:2.3:a:progress:whatsup_gold:*:*:*:*:*:*:*:*
EPSS
Процентиль: 80%
0.01439
Низкий
8.8 High
CVSS3
Дефекты
CWE-89
Связанные уязвимости
CVSS3: 8.8
github
около 1 года назад
In WhatsUp Gold versions released before 2024.0.1, a SQL Injection vulnerability allows an authenticated low-privileged user (at least Report Viewer permissions required) to achieve privilege escalation to the admin account.
EPSS
Процентиль: 80%
0.01439
Низкий
8.8 High
CVSS3
Дефекты
CWE-89