VDB

CVE-2024-6670

CVE-2024-6670 PUBLISHED KEV CVSS 9.800000190734863 CRITICAL

In WhatsUp Gold versions released before 2024.0.0, a SQL Injection vulnerability allows an unauthenticated attacker to retrieve the users encrypted password.

EPSS 94.47% · 100.0th percentile

Risk Scores

CVSS 3.1
9.800000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
94.47%
100.0th percentile

Affected Products

VendorProductVersions
progresswhatsupgold2023.1.0
progresswhatsup_gold0
Progress Software CorporationWhatsUp Gold2023.1.0

Timeline

  • Dec 24, 2022 CrowdSec Sighting
  • Dec 27, 2022 CrowdSec Sighting
  • Dec 27, 2022 CrowdSec Sighting
  • Feb 2, 2023 CrowdSec Sighting
  • Mar 9, 2023 CrowdSec Sighting
  • Apr 5, 2023 CrowdSec Sighting
  • Apr 10, 2023 CrowdSec Sighting
  • Jun 19, 2023 CrowdSec Sighting
  • Aug 10, 2023 CrowdSec Sighting
  • Oct 15, 2023 CrowdSec Sighting
  • Nov 6, 2023 CrowdSec Sighting
  • Feb 6, 2024 CrowdSec Sighting
Open in Interactive Console →
$ Console Community · 100/wk Open console ›