In Progress Ipswitch WhatsUp Gold 21.0.0 through 21.1.1, and 22.0.0, it is possible for an unauthenticated attacker to invoke an API transaction that would allow them to relay encrypted WhatsUp Gold user credentials to an arbitrary host.
Metrics
Affected Vendors & Products
References
History
Tue, 27 Aug 2024 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Progress
Progress whatsup Gold |
|
CPEs | cpe:2.3:a:ipswitch:whatsup_gold:22.0.0:*:*:*:*:*:*:* |
cpe:2.3:a:progress:whatsup_gold:*:*:*:*:*:*:*:* cpe:2.3:a:progress:whatsup_gold:22.0.0:*:*:*:*:*:*:* |
Vendors & Products |
Ipswitch
Ipswitch whatsup Gold |
Progress
Progress whatsup Gold |
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2022-05-11T17:56:00
Updated: 2024-08-03T06:33:42.846Z
Reserved: 2022-04-27T00:00:00
Link: CVE-2022-29847
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-05-11T18:15:29.097
Modified: 2024-11-21T06:59:48.553
Link: CVE-2022-29847
Redhat
No data.