Security Advisory

CVE-2024-46907

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-12-02 14:42:08

Last updated 2024-12-02 15:30:19

Assigner ProgressSoftware

State PUBLISHED

Description

In WhatsUp Gold versions released before 2024.0.1, a SQL Injection vulnerability allows an authenticated low-privileged user (at least Report Viewer permissions required) to achieve privilege escalation to the admin account.

← Browse all CVEs View on cve.org ↗