vulnerability

Progress WhatsUp Gold Vulnerability (CVE-2024-5013): Denial of Service

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
8	(AV:N/AC:L/Au:N/C:N/I:N/A:C)	Jun 25, 2024	Jun 27, 2024	Jun 28, 2024

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:C)

Published

Jun 25, 2024

Added

Jun 27, 2024

Modified

Jun 28, 2024

Description

In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Denial of Service vulnerability was identified in Progress WhatsUp Gold. An unauthenticated attacker can put the application into the SetAdminPassword installation step, which renders the application non-accessible.

Solution

progress-whatsup-gold-upgrade-latest

References

CVE-2024-5013
https://attackerkb.com/topics/CVE-2024-5013
https://community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-June-2024

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report