CVE-2024-12105

MEDIUM WAF: High

CVSS 6.5 Published: 2024-12-31

CWE-22 CWE-22

In WhatsUp Gold versions released before 2024.0.2, an authenticated user can use a specially crafted HTTP request that can lead to information disclosure.

WAF Coverage Analysis

Path Traversal High WAF Coverage

OWASP: A01:2021 Broken Access Control

930xxx - Local File Inclusion

Path Traversal High WAF Coverage

OWASP: A01:2021 Broken Access Control

930xxx - Local File Inclusion

Affected Software

Vendor	Product	Version
progress	whatsup_gold	23.1.0 - 24.0.2

References

www.progress.com (Product)
www.talosintelligence.com

Back to CVE Database