CVE Radar Logo
CVERadar
CVE Radar Logo
CVERadar

CVE-2024-12108

Critical Severity
Progress
SVRS
82/100
CVSSv3
9.6/10
EPSS
0.01223/1

CVE-2024-12108 allows unauthorized access to WhatsUp Gold servers. This vulnerability enables attackers to bypass security measures and potentially compromise sensitive data. CVE-2024-12108 affects WhatsUp Gold versions prior to 2024.0.2, exposing them through the public API. SOCRadar's SVRS score of 82 indicates a critical vulnerability requiring immediate attention. The high SVRS, combined with its presence "In The Wild", signals active exploitation attempts. Successful exploitation can lead to complete server takeover, data breaches, and significant operational disruption. Due to the high severity and potential impact, organizations using affected WhatsUp Gold versions must upgrade immediately to version 2024.0.2 or later.

TAGS
In The Wild
VECTOR STRING
CVSS:3.1
AV:N
AC:L
PR:L
UI:N
S:C
C:H
I:H
A:N
PUBLICATION DATE2024-12-31
LAST MODIFIED2025-01-04
Eye Icon
SOCRadar
AI Insight

Description

CVE-2024-12108 is a critical vulnerability affecting WhatsUp Gold versions released prior to 2024.0.2. This vulnerability allows attackers to exploit a flaw in the public API, potentially granting them unauthorized access to the WhatsUp Gold server. The vulnerability is categorized as CWE-290 (Improper Validation of Input Before Using in a Command) and has a CVSS score of 9.6, signifying a high severity risk.

SOCRadar's SVRS analysis further underscores the urgency of this issue, with a score of 82 indicating a critical vulnerability that requires immediate action.

Key Insights

  • Unrestricted Access: This vulnerability enables attackers to bypass authentication mechanisms and gain unfettered access to the WhatsUp Gold server, compromising sensitive data and potentially granting them complete control.
  • Potential for Exploitation: The vulnerability is marked as "In The Wild", meaning that attackers are actively exploiting this flaw. This implies that organizations are already under attack and immediate remediation is crucial.
  • Wide Impact: WhatsUp Gold is a widely used network monitoring and management tool, meaning this vulnerability could affect a large number of organizations.
  • Complex Attack Surface: The exploit leverages the public API, which provides a significant attack surface for malicious actors. This makes detection and mitigation more challenging.

Mitigation Strategies

  • Upgrade to the Latest Version: Immediately update WhatsUp Gold to version 2024.0.2 or later to patch the vulnerability.
  • Restrict API Access: Implement strict access control measures for the public API, limiting access to authorized users and applications.
  • Network Segmentation: Isolate the WhatsUp Gold server from other critical network infrastructure to limit the impact of a successful attack.
  • Intrusion Detection Systems (IDS): Implement IDS rules to detect and block suspicious activity related to the public API.

Additional Information

This CVE represents a serious risk to organizations using WhatsUp Gold. The "In The Wild" status indicates active exploitation, demanding prompt action to protect your organization's network and data.

If users have additional queries regarding this incident, they can use the "Ask to Analyst" feature, contact SOCRadar directly, or open a support ticket for more information if necessary.

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE

Enhance Your CVE Management with SOCRadar Vulnerability Intelligence
Get comprehensive CVE details, real-time notifications, and proactive threat management all in one platform.
CREATE FREE ACCOUNT
CVE Details
Access comprehensive CVE information instantly
Real-time Tracking
Subscribe to CVEs and get instant updates
Exploit Analysis
Monitor related APT groups and threats
IOC Tracking
Analyze and track CVE-related IOCs

News

Focus Friday: Third-Party Risks In PostgreSQL and Zimbra Vulnerabilities
Ferdi Gül2025-04-01
Focus Friday: Third-Party Risks In PostgreSQL and Zimbra Vulnerabilities | Written by: Ferdi Gül This week’s Focus Friday blog highlights two critical vulnerabilities impacting enterprise systems: CVE-2025-1094 in PostgreSQL and CVE-2023-34192 in Zimbra Collaboration Suite (ZCS). These vulnerabilities pose significant risks to third-party ecosystems, potentially leading to SQL injection attacks in PostgreSQL and Cross-Site Scripting (XSS) exploits in Zimbra. As organizations continue to rely on […] The post Focus Friday: Third-Party Risks In PostgreSQL and Zimbra
normshield.com
rss
forum
news
6th January– Threat Intelligence Report
[email protected]2025-03-01
6th January– Threat Intelligence Report | For the latest discoveries in cyber research for the week of 6th January, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Check Point elaborated on the US Treasury Department cyber-attack that compromised employee workstations and classified documents. The breach, attributed to a China state-sponsored threat actor, involved unauthorized remote access using a security […] The post 6th January– Threat Intelligence Report appeared first on Check Point
cve-2024-12686
cve-2024-12356
cve-2024-49113
cve-2024-12108
FOCUS FRIDAY: Third-Party Risks From Critical Juniper Junos, Rsync, and SimpleHelp Vulnerabilities
Ferdi Gül2025-03-01
FOCUS FRIDAY: Third-Party Risks From Critical Juniper Junos, Rsync, and SimpleHelp Vulnerabilities | Written by: Ferdi Gül Welcome to this week’s Focus Friday, where we dive into key vulnerabilities impacting widely used technologies. This installment highlights three significant incidents that pose unique challenges to third-party risk management (TPRM) teams. From Juniper Junos OS to Rsync and SimpleHelp, we explore how these vulnerabilities affect the security posture of vendors […] The post FOCUS FRIDAY: Third-Party Risks From Critical Juniper Junos, Rsync, and
normshield.com
rss
forum
news
FOCUS FRIDAY: TPRM Insights on FortiGate, QNAP, Mongoose, and W3 Total Cache Vulnerabilities with Black Kite’s FocusTags™
Ferdi Gül2025-03-01
FOCUS FRIDAY: TPRM Insights on FortiGate, QNAP, Mongoose, and W3 Total Cache Vulnerabilities with Black Kite’s FocusTags™ | Written by: Ferdi Gül In today’s interconnected digital landscape, the rapid emergence of critical vulnerabilities demands an agile and informed approach to Third-Party Risk Management (TPRM). This week’s Focus Friday blog highlights high-profile incidents involving vulnerabilities in FortiGate firewalls, QNAP NAS systems, Mongoose, and the W3 Total Cache WordPress plugin. Each of these vulnerabilities poses […] The post FOCUS FRIDAY: TPRM Insights
normshield.com
rss
forum
news
Focus Friday: Addressing Third-Party Risks in PAN-OS, Ivanti Connect Secure, Zimbra, and Cacti Vulnerabilities
Ferdi Gül2025-02-14
Focus Friday: Addressing Third-Party Risks in PAN-OS, Ivanti Connect Secure, Zimbra, and Cacti Vulnerabilities | Written by: Ferdi Gül In this week’s Focus Friday, we examine high-impact vulnerabilities affecting Palo Alto Networks PAN-OS, Ivanti Connect Secure, Zimbra Collaboration, and Cacti, all of which pose significant third-party risk concerns. These vulnerabilities range from remote code execution (RCE) flaws to SQL injection attacks that could lead to data breaches, system takeovers, and […] The post Focus Friday: Addressing Third-Party Risks
normshield.com
rss
forum
news
Focus Friday: Addressing Critical Vulnerabilities in SonicWall, Ivanti, Progress, and GoCD
Ferdi Gül2025-01-10
Focus Friday: Addressing Critical Vulnerabilities in SonicWall, Ivanti, Progress, and GoCD | Written by: Ferdi Gül Welcome to this week’s Focus Friday blog, where we analyze high-profile vulnerabilities and incidents from a Third-Party Risk Management (TPRM) perspective. As organizations grapple with the growing complexities of cybersecurity threats, identifying and addressing vendor-related risks becomes paramount. This week, we had a busy week focusing on vulnerabilities. In this week’s […] The post Focus Friday: Addressing Critical Vulnerabilities in SonicWall, Ivanti, Progress
normshield.com
rss
forum
news
6th January– Threat Intelligence Report - Check Point Research
2025-01-06
6th January– Threat Intelligence Report - Check Point Research | News Content: For the latest discoveries in cyber research for the week of 6th January, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Check Point elaborated on the US Treasury Department cyber-attack that compromised employee workstations and classified documents. The breach, attributed to a China state-sponsored threat actor, involved unauthorized remote access using a security key from third-party provider BeyondTrust. The attackers exploited two vulnerabilities in BeyondTrust’s remote support software: CVE-2024-12356, critical API access flaw, and CVE-2024-12686, token management vulnerability. Japan’s
google.com
rss
forum
news

Social Media

Emergency Security Bulletin: WhatsUp Gold Unauthorized Access via Public API CVE-2024-12108 is a critical vulnerability in WhatsUp Gold versions released before 2024.0.2. Immediate patching is recommended to prevent potential exploitation. https://t.co/I67Gv1vLIC
0
0
1
CVE-2024-12108 (CVSS:9.6, CRITICAL) is Undergoing Analysis. In WhatsUp Gold versions released before 2024.0.2, an attacker can gain access to the WhatsUp Gold server via the public..https://t.co/EaPFICqjzz #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
0
0
0
#Vulnerability #CVE202412105 CVE-2024-12108 (CVSS 9.6) and Beyond: Progress Issues Critical Patch for WhatsUp Gold Network Monitoring Software https://t.co/SuzjF60oSC
0
0
0
CVE-2024-12108 (CVSS 9.6) and Beyond: Progress Issues Critical Patch for WhatsUp Gold Network Monitoring Software https://t.co/4XnRen4Tpf
0
0
3
🚨 CVE Alert: Critical Progress WhatsUp Gold Authentication Bypass Vulnerability🚨 Vulnerability Details: CVE-2024-12108 (CVSS 9.6/10) Progress WhatsUp Gold Authentication Bypass Vulnerability Impact A successful exploit may allows an attacker to gain unauthorized access to the https://t.co/MNCRcUcgTc
0
0
1
🚨🚨Three Vulnerabilities in WhatsUp Gold CVE-2024-12108: Public API signing key rotation issue CVE-2024-12106: LDAP configuration interface leading to allowing attacker to configure LDAP settings without authentication CVE-2024-12105: SnmpExtendedActiveMonitor path traversal https://t.co/AnNHoKEgJJ
0
0
0
🗣 CVE-2024-12108 (CVSS 9.6) and Beyond: Progress Issues Critical Patch for WhatsUp Gold Network Monitoring Software https://t.co/34n2LDhzQY
0
0
1
CVE-2024-12108 (CVSS 9.6) and Beyond: Progress Issues Critical Patch for WhatsUp Gold Network Monitoring Software Stay informed about the critical vulnerabilities in WhatsUp Gold network monitoring software. https://t.co/DbRZi24axm
0
0
0

Affected Software

Configuration 1
TypeVendorProduct
AppProgresswhatsup_gold

References

ReferenceLink
[email protected]https://www.progress.com/network-monitoring

CWE Details

CWE IDCWE NameDescription
CWE-290Authentication Bypass by SpoofingThis attack-focused weakness is caused by improperly implemented authentication schemes that are subject to spoofing attacks.

CVE Radar

Real-time CVE Intelligence & Vulnerability Management Platform

CVE Radar provides comprehensive vulnerability intelligence by monitoring CVE databases, security advisories, and threat feeds. Get instant updates on new vulnerabilities, exploit details, and mitigation strategies specific to your assets.

Get Free Vulnerability Intelligence AccessAccess real-time CVE monitoring, exploit analysis, and threat intelligence