CVE-2023-6368
CVSS 3.1 Score 5.3 of 10 (medium)
Details
Published Dec 14, 2023
Updated: Dec 19, 2023
CWE ID 306
CWE ID 862
Summary
CVE-2023-6368 is a vulnerability affecting WhatsUp Gold versions prior to 2023.1. This issue stems from a missing authentication mechanism on an API endpoint. Unauthenticated attackers can exploit this weakness to gather information about devices being monitored by WhatsUp Gold. The lack of authentication exposes sensitive data, potentially leading to security breaches and unauthorized access.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Vendors
- Progress Publishers