Unrated severityNVD Advisory· Published Jun 25, 2024· Updated Aug 1, 2024
WhatsUp Gold SessionControler Server-Side Request Forgery Information Disclosure Vulnerability
CVE-2024-5015
Description
In WhatsUp Gold versions released before 2023.1.3, an authenticated SSRF vulnerability in Wug.UI.Areas.Wug.Controllers.SessionControler.Update allows a low privileged user to chain this SSRF with an Improper Access Control vulnerability. This can be used to escalate privileges to Admin.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <=2023.1.2
- Progress Software Corporation/WhatsUp Goldv5Range: 2023.1.0
Patches
Vulnerability mechanics
References
2- community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-June-2024mitrevendor-advisory
- www.progress.com/network-monitoringmitreproduct
News mentions
0No linked articles in our index yet.