ГлавнаяУязвимости → CVE-2024-4884
9.8критическая

CVE-2024-4884

Описание

In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Remote Code Execution vulnerability in Progress WhatsUpGold.  The Apm.UI.Areas.APM.Controllers.CommunityController allows execution of commands with iisapppool\nmconsole privileges.

Затрагиваемое ПО
Progress Whatsup gold
CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-June-2024https://www.progress.com/network-monitoringhttps://community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-June-2024https://www.progress.com/network-monitoring