Unrated severityNVD Advisory· Published Dec 2, 2024· Updated Dec 2, 2024
WhatsUp Gold GetOrderByClause SQL Injection Privilege Escalation Vulnerability
CVE-2024-46905
Description
In WhatsUp Gold versions released before 2024.0.1, a SQL Injection vulnerability allows an authenticated lower-privileged user (at least Network Manager permissions required) to achieve privilege escalation to the admin account.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <2024.0.1
- Progress Software Corporation/WhatsUp Goldv5Range: 2023.1.0
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.