प्लेटफ़ॉर्म
nagios
घटक
whatsup-gold
में ठीक किया गया
2024.0.0
CVE-2024-7763 describes an Authentication Bypass vulnerability affecting WhatsUp Gold versions 2023.1.0 through 2024.0.0. This flaw allows an attacker to potentially obtain encrypted user credentials, compromising the security of the monitoring environment. A fix is available in version 2024.0.0, and users are strongly advised to upgrade immediately.
The impact of CVE-2024-7763 is severe. Successful exploitation allows an attacker to bypass authentication mechanisms and gain access to encrypted user credentials. This could lead to unauthorized access to sensitive network data, including configuration details, performance metrics, and potentially even administrative controls. Compromised credentials could be used for lateral movement within the network, allowing the attacker to escalate privileges and further compromise systems. The blast radius extends to any systems monitored by WhatsUp Gold, as the attacker could leverage stolen credentials to gain insights into the entire network infrastructure.
CVE-2024-7763 was publicly disclosed on 2024-10-24. The vulnerability's severity is rated as CRITICAL (CVSS 9.8). Currently, there are no publicly available proof-of-concept exploits, but the ease of exploitation suggested by the authentication bypass nature raises concerns about potential rapid exploitation. It is not currently listed on CISA KEV, but its criticality warrants close monitoring.
Organizations heavily reliant on WhatsUp Gold for network monitoring are particularly at risk. This includes managed service providers (MSPs) who manage monitoring for multiple clients, as a single compromised WhatsUp Gold instance could impact numerous networks. Environments with weak password policies or a lack of MFA are also at heightened risk.
• nagios / server:
journalctl -u whats_gold -g 'authentication bypass'• nagios / server:
ps aux | grep -i 'authentication bypass'• nagios / server: Check WhatsUp Gold logs for unusual authentication patterns or failed login attempts. • nagios / server: Review user account permissions and ensure least privilege is enforced.
disclosure
एक्सप्लॉइट स्थिति
EPSS
0.20% (42% शतमक)
CISA SSVC
CVSS वेक्टर
The primary mitigation for CVE-2024-7763 is to upgrade to WhatsUp Gold version 2024.0.0 or later, which contains the fix. If immediate upgrade is not possible due to compatibility issues or testing requirements, consider implementing stricter access controls and multi-factor authentication (MFA) to limit the impact of a potential compromise. Monitor WhatsUp Gold logs for suspicious authentication attempts. After upgrading, confirm the fix by attempting to reproduce the authentication bypass scenario and verifying that it is no longer possible.
Actualice WhatsUp Gold a la versión 2024.0.0 o posterior. Esta actualización corrige la vulnerabilidad de omisión de autenticación que permite a un atacante obtener credenciales de usuario cifradas. Consulte el boletín de seguridad de Progress para obtener más detalles e instrucciones de actualización.
भेद्यता विश्लेषण और गंभीर अलर्ट सीधे आपके ईमेल में।
CVE-2024-7763 is a critical vulnerability in WhatsUp Gold versions 2023.1.0–2024.0.0 that allows attackers to bypass authentication and obtain encrypted user credentials, potentially compromising network monitoring data.
If you are running WhatsUp Gold versions 2023.1.0 through 2024.0.0, you are potentially affected by this vulnerability. Upgrade to 2024.0.0 to mitigate the risk.
The recommended fix is to upgrade to WhatsUp Gold version 2024.0.0 or later. If immediate upgrade is not possible, implement stricter access controls and MFA.
While no public exploits are currently available, the ease of exploitation makes active exploitation a possibility. Monitor your systems closely and apply the patch as soon as possible.
Refer to the official WhatsUp Gold security advisory for detailed information and updates: [https://www.whatsmsgold.com/security-advisories](https://www.whatsmsgold.com/security-advisories)
अपनी डिपेंडेंसी फ़ाइल अपलोड करें और तुरंत जानें कि यह CVE और अन्य आपको प्रभावित करती हैं या नहीं।