CVE-2022-29847

In Progress Ipswitch WhatsUp Gold 21.0.0 through 21.1.1, and 22.0.0, it is possible for an unauthenticated attacker to invoke an API transaction that would allow them to relay encrypted WhatsUp Gold user credentials to an arbitrary host.
Configurations

Configuration 1

cpe:2.3:a:ipswitch:whatsup_gold:22.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ipswitch:whatsup_gold:*:*:*:*:*:*:*:*

Information

Published : 2022-05-11 06:15

Updated : 2022-05-20 02:36


NVD link : CVE-2022-29847

Mitre link : CVE-2022-29847

Products Affected
No products.
CWE
CWE-918

Server-Side Request Forgery (SSRF)