VDB
CVE-2024-6670
CVE-2024-6670
PUBLISHED
KEV
CVSS 9.800000190734863 CRITICAL
In WhatsUp Gold versions released before 2024.0.0, a SQL Injection vulnerability allows an unauthenticated attacker to retrieve the users encrypted password.
EPSS 94.47% · 100.0th percentile
Risk Scores
CVSS 3.1
9.800000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
94.47%
100.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| progress | whatsupgold | 2023.1.0 |
| progress | whatsup_gold | 0 |
| Progress Software Corporation | WhatsUp Gold | 2023.1.0 |
Timeline
- Dec 24, 2022 CrowdSec Sighting
- Dec 27, 2022 CrowdSec Sighting
- Dec 27, 2022 CrowdSec Sighting
- Feb 2, 2023 CrowdSec Sighting
- Mar 9, 2023 CrowdSec Sighting
- Apr 5, 2023 CrowdSec Sighting
- Apr 10, 2023 CrowdSec Sighting
- Jun 19, 2023 CrowdSec Sighting
- Aug 10, 2023 CrowdSec Sighting
- Oct 15, 2023 CrowdSec Sighting
- Nov 6, 2023 CrowdSec Sighting
- Feb 6, 2024 CrowdSec Sighting