CVE-2022-29848

In Progress Ipswitch WhatsUp Gold 17.0.0 through 21.1.1, and 22.0.0, it is possible for an authenticated user to invoke an API transaction that would allow them to read sensitive operating-system attributes from a host that is accessible by the WhatsUp Gold system.
Configurations

Configuration 1

cpe:2.3:a:ipswitch:whatsup_gold:*:*:*:*:*:*:*:*
cpe:2.3:a:ipswitch:whatsup_gold:22.0.0:*:*:*:*:*:*:*

Information

Published : 2022-05-11 06:15

Updated : 2022-05-20 02:37


NVD link : CVE-2022-29848

Mitre link : CVE-2022-29848

Products Affected
No products.
CWE
CWE-918

Server-Side Request Forgery (SSRF)