COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2024-6670

CVE-2024-6670

Severity
critical · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2024-09-16
Reference
https://nvd.nist.gov/vuln/detail/CVE-2024-6670
⌖ exploited in the wild shame 80/100 ransomwareexploited-in-wild

Progress WhatsUp Gold contains a SQL injection vulnerability that allows an unauthenticated attacker to retrieve the user's encrypted password if the application is configured with only a single user.

Players implicated

progress · vendorWhatsUp Gold · product

Description

Progress WhatsUp Gold contains a SQL injection vulnerability that allows an unauthenticated attacker to retrieve the user's encrypted password if the application is configured with only a single user.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.