CVE-2024-46907

8.8 HIGH

📋 TL;DR

A SQL injection vulnerability in WhatsUp Gold allows authenticated low-privileged users (with at least Report Viewer permissions) to escalate privileges to admin accounts. This affects all WhatsUp Gold versions before 2024.0.1. Attackers can gain full administrative control over the monitoring system.

💻 Affected Systems

Products:
  • WhatsUp Gold
Versions: All versions before 2024.0.1
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: Requires authenticated access with at least Report Viewer permissions. Default installations are vulnerable.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete compromise of WhatsUp Gold instance with admin privileges, allowing attackers to modify configurations, access sensitive network data, deploy malware, or pivot to other systems.

🟠 Likely Case

Privilege escalation from low-privileged user to admin, enabling unauthorized access to sensitive monitoring data and system configuration changes.

🟢 If Mitigated

Limited impact if proper network segmentation, least privilege access, and input validation are already implemented.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires authenticated access and SQL injection knowledge. No public exploit code available as of analysis.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2024.0.1 or later

Vendor Advisory: https://community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-September-2024

Restart Required: No

Instructions:

1. Download WhatsUp Gold 2024.0.1 or later from the Progress website.
2. Back up the current configuration and database.
3. Run the installer to upgrade.
4. Verify successful installation and functionality.

🔧 Temporary Workarounds

Restrict User Permissions

Temporarily remove Report Viewer permissions from non-essential users until patching is complete.

Navigate to Administration > Security > Users in the WhatsUp Gold interface and adjust the affected users' permissions.

Network Segmentation

Isolate WhatsUp Gold server from general network access, allowing only necessary administrative connections.

Configure firewall rules to restrict access to the WhatsUp Gold server.

🧯 If You Can't Patch

  • Implement strict input validation and parameterized queries at application layer
  • Deploy web application firewall (WAF) with SQL injection protection rules

🔍 How to Verify

Check if Vulnerable:

Check the WhatsUp Gold version under Administration > About. If the version is below 2024.0.1, the system is vulnerable.

Check Version:

Check the version in the WhatsUp Gold web interface under Administration > About.

Verify Fix Applied:

Verify the version is 2024.0.1 or higher under Administration > About, and test that user permission boundaries remain intact.

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL query patterns in database logs
  • Multiple failed login attempts followed by successful admin access
  • User permission changes from low-privilege to admin

Network Indicators:

  • Unusual database connection patterns from application server
  • SQL error messages in HTTP responses

SIEM Query:

source="whatsup_gold" AND (event_type="permission_change" OR sql_error="*injection*")
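Detection logic for the log and network indicators listed above, as an added example that is not part of this advisory or of WhatsUp Gold itself; the JSON-lines audit-event format, the role names and the SQL error fragments are assumptions, since the product's real log schema is not given here.

```python
"""Flag the advisory's log indicators over constructed WhatsUp Gold-style events.
The event format, role names and error strings below are assumptions."""
import json
import re

# Assumed role names: low-privilege (the CVE's entry point) vs. administrative.
LOW_PRIV_ROLES = {"Report Viewer", "Guest"}
ADMIN_ROLES = {"Administrator", "Admin"}

# Common SQL Server error fragments that surface in HTTP responses when
# input reaches a query unsanitised (network indicator: "SQL error messages").
SQL_ERROR_RE = re.compile(
    r"(Unclosed quotation mark|Incorrect syntax near|SqlException)", re.IGNORECASE)

# Constructed sample events in a JSON-lines audit format (not real logs).
SAMPLE_EVENTS = "\n".join([
    json.dumps({"source": "whatsup_gold", "event_type": "permission_change",
                "actor": "rviewer1", "target": "rviewer1",
                "old_role": "Report Viewer", "new_role": "Administrator"}),
    json.dumps({"source": "whatsup_gold", "event_type": "permission_change",
                "actor": "admin", "target": "ops2",
                "old_role": "Report Viewer", "new_role": "Network Manager"}),
    json.dumps({"source": "whatsup_gold", "event_type": "http_response",
                "user": "rviewer1", "status": 500,
                "body": "Unclosed quotation mark after the character string"}),
    json.dumps({"source": "whatsup_gold", "event_type": "http_response",
                "user": "ops2", "status": 200, "body": "OK"}),
])


def find_indicators(lines: str) -> list[dict]:
    """Return one alert per event that matches an advisory indicator."""
    alerts = []
    for raw in lines.splitlines():
        ev = json.loads(raw)
        if ev.get("source") != "whatsup_gold":
            continue
        if (ev.get("event_type") == "permission_change"
                and ev.get("old_role") in LOW_PRIV_ROLES
                and ev.get("new_role") in ADMIN_ROLES):
            # A user raising their own role is the strongest escalation signal.
            severity = "high" if ev.get("actor") == ev.get("target") else "medium"
            alerts.append({"rule": "low_priv_to_admin",
                           "user": ev["target"], "severity": severity})
        elif (ev.get("event_type") == "http_response"
                and SQL_ERROR_RE.search(ev.get("body", ""))):
            alerts.append({"rule": "sql_error_in_response",
                           "user": ev.get("user"), "severity": "medium"})
    return alerts


if __name__ == "__main__":
    for alert in find_indicators(SAMPLE_EVENTS):
        print(alert)
```

Feed your SIEM's exported events through find_indicators after mapping its field names onto the assumed ones; a permission-change alert on the same user that also triggered a SQL-error alert is the pattern this CVE would leave.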
