First published: Thu Dec 14 2023(Updated: )
In WhatsUp Gold versions released before 2023.1, an API endpoint was found to be missing an authentication mechanism. It is possible for an unauthenticated attacker to enumerate ancillary credential information stored within WhatsUp Gold.
Credit: security@progress.com
Affected Software | Affected Version | How to fix |
---|---|---|
Progress WhatsUp Gold | <23.1.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.