VDB
GCVE-110-NCSC-2024-268
GCVE-110-NCSC-2024-268
Advisory PublishedCVSS 9.8/10
Progress heeft kwetsbaarheden verholpen in WhatsUp Gold.
Weaknesses (CWE)
CWE-77Improper Neutralization of Special Elements used in a Command ('Command Injection')CWE-22Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')CWE-434Unrestricted Upload of File with Dangerous TypeCWE-269Improper Privilege ManagementCWE-200Exposure of Sensitive Information to an Unauthorized ActorCWE-400Uncontrolled Resource ConsumptionCWE-287Improper AuthenticationCWE-918Server-Side Request Forgery (SSRF)CWE-502Deserialization of Untrusted Data
Risk Scores
CVSS 3.1
9.8/10
Critical · CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| progress_software_corporation | whatsup_gold | — | — |
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.