In WhatsUp Gold versions released before 2023.1, an API endpoint was found to be missing an authentication mechanism. It is possible for an unauthenticated attacker to enumerate ancillary credential information stored within WhatsUp Gold.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: ProgressSoftware
Published: 2023-12-14T16:06:11.767Z
Updated: 2024-08-02T08:35:14.645Z
Reserved: 2023-12-07T20:21:13.167Z
Link: CVE-2023-6595
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-12-14T16:15:54.453
Modified: 2023-12-19T17:51:54.827
Link: CVE-2023-6595
Redhat
No data.