nvd-json-data-feeds/CVE-2024/CVE-2024-50xx/CVE-2024-5013.json

{
  "id": "CVE-2024-5013",
  "sourceIdentifier": "security@progress.com",
  "published": "2024-06-25T21:16:00.510",
  "lastModified": "2024-08-21T13:35:28.750",
  "vulnStatus": "Analyzed",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In WhatsUp Gold versions released before 2023.1.3,\u00a0an unauthenticated Denial of Service \n\nvulnerability was identified.\u00a0An unauthenticated attacker can put the application into the SetAdminPassword installation step, which renders the application non-accessible."
    },
    {
      "lang": "es",
      "value": "En las versiones de WhatsUp Gold lanzadas antes de 2023.1.3, se identific\u00f3 una vulnerabilidad de denegaci\u00f3n de servicio no autenticada. Un atacante no autenticado puede colocar la aplicaci\u00f3n en el paso de instalaci\u00f3n SetAdminPassword, lo que hace que la aplicaci\u00f3n no sea accesible."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6
      },
      {
        "source": "security@progress.com",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ]
    },
    {
      "source": "security@progress.com",
      "type": "Secondary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:progress:whatsup_gold:*:*:*:*:*:*:*:*",
              "versionEndExcluding": "23.1.3",
              "matchCriteriaId": "C22487E3-6723-40C7-86A0-764EBAA37A55"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-June-2024",
      "source": "security@progress.com",
      "tags": [
        "Vendor Advisory"
      ]
    },
    {
      "url": "https://www.progress.com/network-monitoring",
      "source": "security@progress.com",
      "tags": [
        "Product"
      ]
    }
  ]
}