In Progress Ipswitch WhatsUp Gold 21.0.0 through 21.1.1, and 22.0.0, it is possible for an unauthenticated attacker to invoke an API transaction that would allow them to relay encrypted WhatsUp Gold user credentials to an arbitrary host.
History

Tue, 27 Aug 2024 18:15:00 +0000

Type Values Removed Values Added
First Time appeared Progress
Progress whatsup Gold
CPEs cpe:2.3:a:ipswitch:whatsup_gold:*:*:*:*:*:*:*:*
cpe:2.3:a:ipswitch:whatsup_gold:22.0.0:*:*:*:*:*:*:*
cpe:2.3:a:progress:whatsup_gold:*:*:*:*:*:*:*:*
cpe:2.3:a:progress:whatsup_gold:22.0.0:*:*:*:*:*:*:*
Vendors & Products Ipswitch
Ipswitch whatsup Gold
Progress
Progress whatsup Gold

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2022-05-11T17:56:00

Updated: 2024-08-03T06:33:42.846Z

Reserved: 2022-04-27T00:00:00

Link: CVE-2022-29847

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-05-11T18:15:29.097

Modified: 2024-11-21T06:59:48.553

Link: CVE-2022-29847

cve-icon Redhat

No data.