CVE-2024-5013: WhatsUp Gold InstallController Denial-of-Service Vulnerability
First published: Tue Jun 25 2024(Updated: )
In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Denial of Service vulnerability was identified. An unauthenticated attacker can put the application into the SetAdminPassword installation step, which renders the application non-accessible.
Credit: security@progress.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Progress Software WhatsUp Gold | <23.1.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-5013?
CVE-2024-5013 is classified as a Denial of Service vulnerability.
How do I fix CVE-2024-5013?
To resolve CVE-2024-5013, upgrade WhatsUp Gold to version 2023.1.3 or later.
Who is affected by CVE-2024-5013?
CVE-2024-5013 affects WhatsUp Gold versions prior to 2023.1.3.
Can CVE-2024-5013 be exploited remotely?
Yes, CVE-2024-5013 can be exploited by an unauthenticated remote attacker.
What impact does CVE-2024-5013 have on the application?
CVE-2024-5013 can render the WhatsUp Gold application non-accessible.
- agent/title
- agent/weakness
- agent/references
- agent/type
- agent/description
- agent/first-publish-date
- agent/author
- agent/severity
- agent/event
- collector/mitre-cve
- source/MITRE
- collector/epss-latest
- source/FIRST
- agent/epss
- agent/last-modified-date
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/tags
- agent/softwarecombine
- agent/source
- vendor/progress
- canonical/progress software whatsup gold