VDB
GCVE-VVD-NCSC-2024-268
GCVE-VVD-NCSC-2024-268
Advisory PublishedCVSS 9.8/10
Progress heeft kwetsbaarheden verholpen in WhatsUp Gold.
Weaknesses (CWE)
CWE-77Improper Neutralization of Special Elements used in a Command ('Command Injection')CWE-22Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')CWE-434Unrestricted Upload of File with Dangerous TypeCWE-269Improper Privilege ManagementCWE-200Exposure of Sensitive Information to an Unauthorized ActorCWE-400Uncontrolled Resource ConsumptionCWE-287Improper AuthenticationCWE-918Server-Side Request Forgery (SSRF)CWE-502Deserialization of Untrusted Data
Risk Scores
CVSS 3.1
9.8/10
Critical · CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| progress_software_corporation | whatsup_gold | — | — |
Aliases
CVE-2024-5014CVE-2024-5009CVE-2024-5008CVE-2024-4884CVE-2024-4885CVE-2024-5010CVE-2024-5019CVE-2024-5012CVE-2024-5018CVE-2024-5017CVE-2024-5016CVE-2024-5013CVE-2024-5011CVE-2024-5015CVE-2024-4883
Transitive aliases
VVD-CISA-2024-5010GHSA-5qqw-chw3-g8wpGHSA-2jfg-r68g-p4gmGHSA-jpqc-c443-hw5cEUVD-2024-46291GHSA-vp43-wpfx-v79mNCSC-2024-0268EUVD-2024-44455GHSA-5prg-92hj-2g9xEUVD-2024-44454VVD-CISA-2024-5016VVD-CISA-2024-5017EUVD-2024-44453VVD-CISA-2024-5015GHSA-pw52-mhpv-c8hcGHSA-rw28-wf4m-hxpvGHSA-vrxq-687c-64w5VVD-CISA-2024-5014EUVD-2024-46283EUVD-2024-46288VVD-CISA-2024-4885EUVD-2024-46289GHSA-mp2r-5xxf-j299GHSA-3325-26ch-q5p3VVD-CISA-2024-5019VVD-CISA-2024-4883VVD-CISA-2024-5011EUVD-2024-47140GHSA-67p8-jrm8-g765VVD-CISA-2024-5018EUVD-2024-47139EUVD-2024-46286GHSA-j3rp-hcww-24pqVVD-CISA-2024-4884EUVD-2024-46282EUVD-2024-46287VVD-CISA-2024-5008GHSA-mx99-9j8j-frc2EUVD-2024-46284EUVD-2024-46285VVD-CISA-2024-5013GHSA-rxw3-jm8w-c989EUVD-2024-46290VVD-CISA-2024-5009BDU:2024-05764GHSA-qcj6-wq2r-c3xhVVD-CISA-2024-5012
Browse GCVE Records
100 records in the GCVE database · Updated April 16, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.