admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-29 01:31:20 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2022/CVE-2022-298xx/CVE-2022-29847.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

133 lines
3.8 KiB
JSON
Raw Blame History

{
"id": "CVE-2022-29847",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-05-11T18:15:29.097",
"lastModified": "2024-11-21T06:59:48.553",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Progress Ipswitch WhatsUp Gold 21.0.0 through 21.1.1, and 22.0.0, it is possible for an unauthenticated attacker to invoke an API transaction that would allow them to relay encrypted WhatsUp Gold user credentials to an arbitrary host."
},
{
"lang": "es",
"value": "En Progress Ipswitch WhatsUp Gold versiones 21.0.0 hasta 21.1.1, y 22.0.0, es posible que un atacante no autenticado invoque una transacci\u00f3n de API que le permita transmitir credenciales de usuario de WhatsUp Gold cifradas a un host arbitrario"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"baseScore": 5.0,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:progress:whatsup_gold:*:*:*:*:*:*:*:*",
"versionStartIncluding": "21.0.0",
"versionEndIncluding": "21.1.1",
"matchCriteriaId": "60452848-68FE-4047-BBDA-98FB98090649"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:progress:whatsup_gold:22.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BD18B7A-B6F3-4459-8DA8-7F7F1EE7A426"
}
]
}
]
}
],
"references": [
{
"url": "https://community.progress.com/s/article/WhatsUp-Gold-Critical-Product-Alert-May-2022",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.progress.com/network-monitoring",
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://community.progress.com/s/article/WhatsUp-Gold-Critical-Product-Alert-May-2022",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.progress.com/network-monitoring",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink