CVE-2024-5011

In WhatsUp Gold versions released before 2023.1.3, an uncontrolled resource consumption vulnerability exists. A specially crafted unauthenticated HTTP request to the TestController Chart functionality can lead to denial of service.
Configurations

Configuration 1 (hide)

cpe:2.3:a:progress:whatsup_gold:*:*:*:*:*:*:*:*

History

06 Sep 2024, 22:41

Type Values Removed Values Added
CPE cpe:2.3:a:progress:whatsup_gold:*:*:*:*:*:*:*:*
First Time Progress
Progress whatsup Gold
References () https://community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-June-2024 - () https://community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-June-2024 - Vendor Advisory
References () https://www.progress.com/network-monitoring - () https://www.progress.com/network-monitoring - Product
References () https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1934 - () https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1934 - Third Party Advisory

26 Jun 2024, 14:15

Type Values Removed Values Added
References
  • () https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1934 -

26 Jun 2024, 12:44

Type Values Removed Values Added
Summary
  • (es) En las versiones de WhatsUp Gold lanzadas antes de 2023.1.3, existe una vulnerabilidad de consumo descontrolado de recursos. Una solicitud HTTP no autenticada especialmente manipulada para la funcionalidad TestController Chart puede provocar una denegación de servicio.

25 Jun 2024, 20:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-06-25 20:15

Updated : 2024-09-06 22:41


NVD link : CVE-2024-5011

Mitre link : CVE-2024-5011

CVE.ORG link : CVE-2024-5011


JSON object : View

Products Affected

progress

  • whatsup_gold
CWE
CWE-400

Uncontrolled Resource Consumption