CVE-2024-46908

Published: 2024-12-02T15:15Z

Last Modified: 2024-12-10T18:23Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

In WhatsUp Gold versions released before 2024.0.1, a SQL Injection vulnerability allows an authenticated low-privileged user (at least Report Viewer permissions required) to achieve privilege escalation to the admin account. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt