CVE-2024-5011
published 2024-06-25CVE-2024-5011: In WhatsUp Gold versions released before 2023.1.3, an uncontrolled resource consumption vulnerability exists. A specially crafted unauthenticated HTTP request…
PriorityP355high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
EPSS
47.09%
98.7th percentile
In WhatsUp Gold versions released before 2023.1.3, an uncontrolled resource consumption vulnerability exists. A specially crafted unauthenticated HTTP request to the TestController Chart functionality can lead to denial of service.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| progress | whatsup_gold | < 23.1.3 | 23.1.3 |
| progress_software_corporation | whatsup_gold | >= 2023.1.0 < 2023.1.3 | 2023.1.3 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
Talos
Whatsup Gold, Observium and Offis vulnerabilities
blogs_talos·2025-01-29·CVSS 7.5
[HIGH] Whatsup Gold, Observium and Offis vulnerabilities
Cisco Talos’ Vulnerability Research team recently disclosed three vulnerabilities in Observium, three vulnerabilities in Offis, and four vulnerabilities in Whatsup Gold.
These vulnerabilities exist in Observium, a network observation and monitoring system; Offis DCMTK, a collection of libraries and applications implementing DICOM (Digital Imaging and Communications in Medicine) standard formats; and WhatsUp Gold, an IT infrastructure management product.
The vulnerabilities mentioned in this blog post have been patched by their respective vendors, all in adherence to Cisco’s third-party vulnerability disclosure policy.
For Snort coverage that can detect the exploitation of these vulnerabilities, download the latest rule sets from Snort.org, and our latest Vulnerability Advisories are alw
Talos
Whatsup Gold, Observium and Offis vulnerabilities
blogs_talos·2025-01-29·CVSS 7.5
[HIGH] Whatsup Gold, Observium and Offis vulnerabilities
## Whatsup Gold, Observium and Offis vulnerabilities
Cisco Talos’ Vulnerability Research team recently disclosed three vulnerabilities in Observium, three vulnerabilities in Offis, and four vulnerabilities in Whatsup Gold.
These vulnerabilities exist in Observium, a network observation and monitoring system; Offis DCMTK, a collection of libraries and applications implementing DICOM (Digital Imaging and Communications in Medicine) standard formats; and WhatsUp Gold, an IT infrastructure management product.
The vulnerabilities mentioned in this blog post have been patched by their respective vendors, all in adherence to Cisco’s third-party vulnerability disclosure policy .
For Snort coverage that can detect the exploitation of these vulnerabilities, download the latest rule sets from Sno
https://community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-June-2024https://www.progress.com/network-monitoringhttps://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1934https://community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-June-2024https://www.progress.com/network-monitoringhttps://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1934
2024-06-25
Published