CVE-2024-12106: WhatsUp Gold - LDAP configuration interface leading to allowing attacker to configure LDAP settings without authentication
9.4
CVSS
Description
In WhatsUp Gold versions released before 2024.0.2, an unauthenticated attacker can configure LDAP settings.
Classification
CVE ID: CVE-2024-12106
CVSS Base Severity: CRITICAL
CVSS Base Score: 9.4
Affected Products
Vendor: Progress Software Corporation
Product: WhatsUp Gold
Exploit Prediction Scoring System (EPSS)
EPSS Score: 0.05% (probability of being exploited)
EPSS Percentile: 20.06% (scored less or equal to compared to others)
EPSS Date: 2025-02-04 (when was this score calculated)