CVE-2024-5009

8.4 HIGH

📋 TL;DR

This vulnerability allows local attackers to modify the administrator password in WhatsUp Gold through improper access control in the SetAdminPassword function. It affects WhatsUp Gold versions before 2023.1.3, potentially enabling unauthorized administrative access.

💻 Affected Systems

Products:
  • WhatsUp Gold
Versions: All versions before 2023.1.3
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: Requires local access to the WhatsUp Gold system. The vulnerability is in the Wug.UI.Controllers.InstallController.SetAdminPassword component.

📦 What is this software?

WhatsUp Gold is a network, server and application monitoring product from Progress Software. It is installed on a Windows server and administered through a web console; its administrator account controls the whole monitoring configuration, including the credential library used to reach monitored devices, which is why control of that account matters beyond the monitoring host itself.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Local attackers gain administrative privileges, allowing complete system compromise, data theft, and further network exploitation.

🟠

Likely Case

Local users or attackers with initial access can escalate privileges to admin, enabling unauthorized configuration changes and data access.

🟢

If Mitigated

With proper access controls and monitoring, impact is limited to unauthorized password changes requiring detection and remediation.

🌐 Internet-Facing: LOW - The attack vector is local; a remote attacker needs a separate foothold on the WhatsUp Gold server before this flaw is reachable.
🏢 Internal Only: HIGH - Any user or compromised account with local access to the server can use it to take over the administrator account.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires local access but appears straightforward based on the vulnerability description.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2023.1.3 and later

Vendor Advisory: https://community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-June-2024

Restart Required: Yes

Instructions:

1. Download WhatsUp Gold 2023.1.3 or later from the Progress website.
2. Back up the current configuration and data before upgrading.
3. Run the installer to upgrade the existing installation.
4. Restart the WhatsUp Gold services and verify that the web interface and monitoring are working.

🔧 Temporary Workarounds

Restrict Local Access

windows

Limit local access to WhatsUp Gold servers to authorized administrators only.

Monitor Admin Account Changes

all

Implement monitoring for administrator password changes and account modifications.

🧯 If You Can't Patch

  • Implement strict access controls to limit who can log into WhatsUp Gold servers locally.
  • Monitor system logs for unauthorized access attempts and password change activities.

🔍 How to Verify

Check if Vulnerable:

Read the WhatsUp Gold version from the web interface under Help > About, or from the installed product's properties on the server (Programs and Features, or the DisplayVersion value under the Windows Uninstall registry keys). Any version below 2023.1.3 is vulnerable.

Check Version:

No dedicated command; use the web interface or the installed product's properties as above.

Verify Fix Applied:

Confirm the reported version is 2023.1.3 or later, that the WhatsUp Gold services came back up after the restart, and that an unprivileged local user can no longer change the administrator password through the SetAdminPassword action.
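The version check above can be scripted on the server itself. The following PowerShell is an added example, not code from this page or from Progress: it reads the product's DisplayVersion from the Windows Uninstall registry keys and compares it with 2023.1.3. It assumes the product registers an Uninstall entry whose DisplayName contains "WhatsUp Gold" and whose DisplayVersion carries the year-based version string (for example 2023.1.3); both are assumptions to confirm against your own host, since a differently formatted DisplayVersion would make the comparison meaningless.

```powershell
# Added example (not from the page or from Progress): find the WhatsUp Gold
# install via the Windows Uninstall registry keys and compare its version with
# the fixed release 2023.1.3 for CVE-2024-5009.
# Assumptions: DisplayName contains "WhatsUp Gold" and DisplayVersion looks like
# "2023.1.3" (year-based); verify both on your host before trusting the verdict.

$FixedVersion = [version]'2023.1.3'

$UninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

# Missing WOW6432Node (32-bit host) is not an error, hence SilentlyContinue.
$Installed = Get-ItemProperty -Path $UninstallKeys -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName -like '*WhatsUp Gold*' } |
    Select-Object DisplayName, DisplayVersion, InstallLocation

if (-not $Installed) {
    Write-Output 'WhatsUp Gold not found in the Uninstall registry keys; check Help > About in the web UI.'
    return
}

foreach ($Entry in $Installed) {
    # Extract a dotted version; vendors sometimes append build text to DisplayVersion.
    $Match = [regex]::Match([string]$Entry.DisplayVersion, '\d+(\.\d+){1,3}')
    if (-not $Match.Success) {
        Write-Output ("{0}: could not parse version '{1}'; check Help > About in the web UI." -f `
            $Entry.DisplayName, $Entry.DisplayVersion)
        continue
    }

    $Current = [version]$Match.Value
    if ($Current -lt $FixedVersion) {
        Write-Output ("VULNERABLE: {0} {1} is older than {2} (CVE-2024-5009). Install path: {3}" -f `
            $Entry.DisplayName, $Current, $FixedVersion, $Entry.InstallLocation)
    } else {
        Write-Output ("OK: {0} {1} includes the fix for CVE-2024-5009." -f $Entry.DisplayName, $Current)
    }
}
```

Run it in an elevated PowerShell session on the WhatsUp Gold server. Because [version] compares component by component, 2023.1.3 correctly sorts above 2023.1.2 and below 2023.1.10, which a plain string comparison would get wrong.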

📡 Detection & Monitoring

Log Indicators:

  • Unusual administrator password change events
  • Unauthorized access attempts to WhatsUp Gold administrative functions

Network Indicators:

  • Unusual administrative activity from non-standard locations

SIEM Query:

Query the WhatsUp Gold server's IIS access logs for requests whose path contains SetAdminPassword (the vulnerable InstallController action) that fall outside a planned install or upgrade, and query WhatsUp Gold's own logs for administrator password changes; correlate any hit with Windows Security logon events (4624) on the host to identify the local account that was active at the time.
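The log indicators and SIEM query above, and the "Monitor Admin Account Changes" workaround, come down to spotting calls to the vulnerable action. The following PowerShell is an added example, not code from this page or from Progress: it parses IIS W3C log lines from the WhatsUp Gold server and flags every request to the SetAdminPassword action, with timestamp, client address and user agent, so the hits can be compared against known install or upgrade windows. It assumes the web UI is served by IIS with W3C logging enabled and that the action is exposed under a path ending in /Install/SetAdminPassword (ASP.NET MVC default routing for InstallController.SetAdminPassword); confirm the exact path against your own logs. The log lines in the block are constructed for the example, not captured data.

```powershell
# Added example (not from the page or from Progress): flag requests to the
# vulnerable SetAdminPassword action in IIS W3C logs from the WhatsUp Gold server.
# Assumptions: IIS W3C logging is on, and the action is routed at a path ending in
# /Install/SetAdminPassword (MVC default routing; confirm against real logs).
# The sample log below is constructed for this example, not captured data.

function Find-SetAdminPasswordRequests {
    param(
        [Parameter(Mandatory)][string[]]$Lines,
        [string]$Pattern = '(?i)/Install/SetAdminPassword'
    )

    $Fields = $null
    foreach ($Line in $Lines) {
        # The #Fields header tells us the column order; IIS may change it per site.
        if ($Line -match '^#Fields:\s*(.+)$') {
            $Fields = $Matches[1] -split '\s+'
            continue
        }
        if ($Line.StartsWith('#') -or -not $Fields -or [string]::IsNullOrWhiteSpace($Line)) { continue }

        # W3C format encodes spaces inside values (e.g. user agents) as '+',
        # so splitting on whitespace is safe.
        $Values = $Line -split '\s+'
        if ($Values.Count -ne $Fields.Count) { continue }   # malformed line; skip it

        $Record = @{}
        for ($i = 0; $i -lt $Fields.Count; $i++) { $Record[$Fields[$i]] = $Values[$i] }

        if ($Record['cs-uri-stem'] -match $Pattern) {
            [pscustomobject]@{
                Timestamp = [datetime]::ParseExact("$($Record['date']) $($Record['time'])",
                                                   'yyyy-MM-dd HH:mm:ss', $null)
                ClientIp  = $Record['c-ip']
                Method    = $Record['cs-method']
                UriStem   = $Record['cs-uri-stem']
                Username  = $Record['cs-username']
                UserAgent = $Record['cs(User-Agent)']
                Status    = $Record['sc-status']
            }
        }
    }
}

# Constructed sample: two ordinary console requests and two hits on the action,
# one from localhost (what a local attacker would look like) and one from the LAN.
$SampleLog = @'
#Software: Microsoft Internet Information Services 10.0
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) sc-status
2024-06-25 09:14:02 10.0.0.5 GET /NmConsole/Login.aspx - 443 - 10.0.0.50 Mozilla/5.0 200
2024-06-25 09:14:20 10.0.0.5 POST /NmConsole/Install/SetAdminPassword - 443 - 127.0.0.1 python-requests/2.31 200
2024-06-25 09:15:01 10.0.0.5 GET /NmConsole/Dashboard - 443 admin 10.0.0.50 Mozilla/5.0 200
2024-06-25 11:40:13 10.0.0.5 POST /NmConsole/Install/SetAdminPassword - 443 - 10.0.0.77 curl/8.4.0 302
'@

$Hits = Find-SetAdminPasswordRequests -Lines ($SampleLog -split "`r?`n")
$Hits | Format-Table -AutoSize

# Against a real server, feed it the site's log files instead of the sample
# (IIS default log root; the W3SVC<id> directory depends on the site ID):
# $Hits = Get-Content 'C:\inetpub\logs\LogFiles\W3SVC1\*.log' | Find-SetAdminPasswordRequests -Lines $_
```

Every hit outside an install or upgrade window deserves a look, and a hit from 127.0.0.1 with a scripting user agent is the shape this local vulnerability takes in the logs. Pair the timestamp with Windows Security event 4624 on the host to see which local session was active, and with WhatsUp Gold's own logs to confirm whether the administrator password actually changed.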
