CVE-2022-29848
CVE-2022-29848
Vexday Risk Score
18Bajo
Decisión SSVC (CISA)
Attend
PoC disponible → seguir de cerca
Madurez del exploit
Exploit funcional
Exploit automatizable disponible (Nuclei/Metasploit).
CVSS —EPSS 3.5%KEV nãoPoC —Nuclei —Metasploit simPatch —
Ciclo de vida
11 may 2022Publicada en NVD
22 nov 2022Exploit Metasploit disponible
Velocidad de armamento
194 díashasta el módulo Metasploit
Recomendación: Planificar corrección próxima — ya existe PoC pública.
In Progress Ipswitch WhatsUp Gold 17.0.0 through 21.1.1, and 22.0.0, it is possible for an authenticated user to invoke an API transaction that would allow them to read sensitive operating-system attributes from a host that is accessible by the WhatsUp Gold system.
Productos afectados
n/a · n/a