CVE-2024-12105 – This vulnerability allows authenticated users o... (How to Fix)

Q: What is the severity of CVE-2024-12105?

CVE-2024-12105 has a CVSS score of 6.5 (MEDIUM). This vulnerability allows authenticated users of WhatsUp Gold to craft HTTP requests that can disclose sensitive information. It affects all WhatsUp Gold versions before 2024.0.2. The vulnerability stems from improper path validation (CWE-22).

📋 TL;DR

This vulnerability allows authenticated users of WhatsUp Gold to craft HTTP requests that can disclose sensitive information. It affects all WhatsUp Gold versions before 2024.0.2. The vulnerability stems from improper path validation (CWE-22).

💻 Affected Systems

Products:

WhatsUp Gold

Versions: All versions before 2024.0.2

Operating Systems: Windows

Default Config Vulnerable: ⚠️ Yes

Notes: Requires authenticated access to the WhatsUp Gold web interface

📦 What is this software?

Whatsup Gold by Progress

View all CVEs affecting Whatsup Gold →

⚠️ Risk & Real-World Impact

🔴

Worst Case

An authenticated attacker could access sensitive configuration files, credentials, or system information, potentially leading to further compromise of the monitoring system or network.

🟠

Likely Case

Authenticated users with malicious intent could access information they shouldn't have permission to view, such as configuration details or limited system data.

🟢

If Mitigated

With proper authentication controls and network segmentation, the impact is limited to authorized users accessing information they shouldn't see within their privilege level.

🌐 Internet-Facing: MEDIUM

🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: LOW

Exploitation requires authenticated access and crafting specific HTTP requests

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2024.0.2

Vendor Advisory: https://www.progress.com/network-monitoring

Restart Required: Yes

Instructions:

1. Download WhatsUp Gold 2024.0.2 or later from Progress website. 2. Backup current installation. 3. Run the installer to upgrade. 4. Restart WhatsUp Gold services.

🔧 Temporary Workarounds

Restrict Network Access

all

Limit access to WhatsUp Gold web interface to only trusted networks and users

Review User Permissions

all

Audit and minimize authenticated user accounts with access to WhatsUp Gold

🧯 If You Can't Patch

Implement strict network segmentation to isolate WhatsUp Gold from sensitive systems
Enhance monitoring of WhatsUp Gold access logs for unusual HTTP request patterns

🔍 How to Verify

Check if Vulnerable:

Check WhatsUp Gold version in web interface under Help > About or via installed program details

Check Version:

Not applicable - check via web interface or Windows Programs and Features

Verify Fix Applied:

Verify version is 2024.0.2 or later and test that path traversal attempts are properly blocked

📡 Detection & Monitoring

Log Indicators:

Unusual HTTP requests with path traversal patterns
Multiple failed authentication attempts followed by successful login

Network Indicators:

HTTP requests containing '../' sequences or unusual file paths

SIEM Query:

source="whatsup_gold_logs" AND (http_request CONTAINS "../" OR http_request CONTAINS "..\")

📊 Metadata

CVE ID: CVE-2024-12105

CVSS v3 Score: 6.5 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE: CWE-22

Published: December 31, 2024

Last Updated: January 8, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-12105, you might also want to check these: