CVE-2024-12106

Published: Dic 31, 2024 Last Modified: Gen 06, 2025 EU-VD ID: EUVD-2024-50600

ExploitDB:

Other exploit source:

Google Dorks:

CRITICAL 9,4

Source: [email protected]

Attack Vector: network

Attack Complexity: low

Privileges Required: none

User Interaction: none

Scope: unchanged

Confidentiality: high

Integrity: high

Availability: low

Description

AI Translation Available

In WhatsUp Gold versions released before 2024.0.2, an unauthenticated attacker can configure LDAP settings.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score

0,0453

Percentile

0,9th

Updated

EPSS Score Trend (Last 90 Days)

306

Missing Authentication for Critical Function

Draft

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Access Control Other

Potential Impacts:

Gain Privileges Or Assume Identity Varies By Context

Applicable Platforms

Technologies: Cloud Computing, ICS/OT

Likelihood of Exploit: High

View CWE Details

Application

Whatsup Gold by Progress

Product Information

Vendor Progress

Product Whatsup Gold

Version Range Affected

From 23.1.0 (inclusive)

To 24.0.2 (exclusive)

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:progress:whatsup_gold:*:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

https://www.progress.com/network-monitoring

Product

https://www.progress.com/network-monitoring

CVE-2024-12106

Description

EPSS (Exploit Prediction Scoring System)

EPSS (Exploit Prediction Scoring System)

EPSS Score Trend (Last 90 Days)

Missing Authentication for Critical Function

Common Consequences

Applicable Platforms

Whatsup Gold by Progress

Product Information

Iscriviti alla newsletter