CVE-2024-12108

Published: Dic 31, 2024 Last Modified: Gen 06, 2025 EU-VD ID: EUVD-2024-50602

ExploitDB:

Other exploit source:

Google Dorks:

CRITICAL 9,6

Source: [email protected]

Attack Vector: network

Attack Complexity: low

Privileges Required: low

User Interaction: none

Scope: changed

Confidentiality: high

Integrity: high

Availability: none

Description

AI Translation Available

In WhatsUp Gold versions released before 2024.0.2, an attacker can gain access to the WhatsUp Gold server via the public API.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score

0,0113

Percentile

0,8th

Updated

EPSS Score Trend (Last 90 Days)

290

Authentication Bypass by Spoofing

Incomplete

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Access Control

Potential Impacts:

Bypass Protection Mechanism Gain Privileges Or Assume Identity

Applicable Platforms

All platforms may be affected

View CWE Details

Application

Whatsup Gold by Progress

Product Information

Vendor Progress

Product Whatsup Gold

Version Range Affected

From 23.1.0 (inclusive)

To 24.0.2 (exclusive)

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:progress:whatsup_gold:*:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

https://www.progress.com/network-monitoring

Product

https://www.progress.com/network-monitoring

CVE-2024-12108

Description

EPSS (Exploit Prediction Scoring System)

EPSS (Exploit Prediction Scoring System)

EPSS Score Trend (Last 90 Days)

Authentication Bypass by Spoofing

Common Consequences

Applicable Platforms

Whatsup Gold by Progress

Product Information

Iscriviti alla newsletter