Multiple vulnerabilities in Progress Software Corporation WhatsUp Gold
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 3 |
| CVE-ID | CVE-2024-5017 CVE-2024-5010 CVE-2024-5011 |
| CWE-ID | CWE-22 CWE-200 CWE-400 |
| Exploitation vector | Network |
| Public exploit |
Public exploit code for vulnerability #1 is available. Public exploit code for vulnerability #3 is available. |
| Vulnerable software |
WhatsUp Gold Web applications / CMS |
| Vendor | Progress Software Corporation |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
1) Path traversal
EUVDB-ID: #VU93507
Risk: Medium
CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C]
CVE-ID: CVE-2024-5017
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform directory traversal attacks.
The vulnerability exists due to input validation error when processing directory traversal sequences in the AppProfileImport functionality. A remote user can send a specially crafted HTTP request and read arbitrary files on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsWhatsUp Gold: 23.1.0 1697
CPE2.3 External linkshttp://www.progress.com/network-monitoring
http://community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-June-2024
http://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1932
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
2) Information disclosure
EUVDB-ID: #VU93509
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-5010
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output by the application in the TestController functionality. A remote attacker can gain unauthorized access to sensitive information on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWhatsUp Gold: 23.1.0 1697
CPE2.3 External linkshttp://www.progress.com/network-monitoring
http://community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-June-2024
http://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1933
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Resource exhaustion
EUVDB-ID: #VU93508
Risk: Medium
CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2024-5011
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources in the TestController Chart functionality. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWhatsUp Gold: 23.1.0 1697
CPE2.3 External linkshttp://www.progress.com/network-monitoring
http://community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-June-2024
http://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1934
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
