WhatsUp Gold product security update advisory

Sep 03 2024

Overview

An update has been released to address vulnerabilities in WhatsUp Gold products. Users of the affected versions are advised to update to the latest version.

Affected Products

CVE-2024-6670, CVE-2024-6671, CVE-2024-6672

WhatsUp Gold versions: ~ 2024.0.0 (excluded)

Resolved Vulnerabilities

SQL injection vulnerability that could allow an unauthenticated attacker to retrieve a user’s encrypted password if the application is configured with only a single user (CVE-2024-6670, CVE-2024-6671)

SQL injection vulnerability that could allow an unauthenticated attacker to retrieve a user’s encrypted password (CVE-2024-6672)

Vulnerability Patches

The following product-specific Vulnerability Patches have been made available in the latest update. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

CVE-2024-6670, CVE-2024-6671, CVE-2024-6672

WhatsUp Gold version: 2024.0.0

References

[1] WhatsUp Gold Security Bulletin- August 2024

https://community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-August-2024

WhatsUp Gold product security update advisory

ManageEngine (Exchange Reporter Plus) Product August 2024 Security Update Advisory

Google Chrome Browser (128.0.6613.119/.120) Security Update Advisory

Tags:

ManageEngine (Exchange Reporter Plus) Product August 2024 Security Update Advisory

Google Chrome Browser (128.0.6613.119/.120) Security Update Advisory