cvelistv5 - cve-2018-8938

CVE-2018-8938 (GCVE-0-2018-8938)

Vulnerability from cvelistv5 – Published: 2018-05-01 16:00 – Updated: 2024-08-05 07:10

Summary

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

https://docs.ipswitch.com/NM/WhatsUpGold2018/01_R…

x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T07:10:47.066Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://docs.ipswitch.com/NM/WhatsUpGold2018/01_ReleaseNotes/index.htm"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-03-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A Code Injection issue was discovered in DlgSelectMibFile.asp in Ipswitch WhatsUp Gold before 2018 (18.0). Malicious actors can inject a specially crafted SNMP MIB file that could allow them to execute arbitrary commands and code on the WhatsUp Gold server."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-05-01T15:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://docs.ipswitch.com/NM/WhatsUpGold2018/01_ReleaseNotes/index.htm"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-8938",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A Code Injection issue was discovered in DlgSelectMibFile.asp in Ipswitch WhatsUp Gold before 2018 (18.0). Malicious actors can inject a specially crafted SNMP MIB file that could allow them to execute arbitrary commands and code on the WhatsUp Gold server."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://docs.ipswitch.com/NM/WhatsUpGold2018/01_ReleaseNotes/index.htm",
              "refsource": "CONFIRM",
              "url": "https://docs.ipswitch.com/NM/WhatsUpGold2018/01_ReleaseNotes/index.htm"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-8938",
    "datePublished": "2018-05-01T16:00:00",
    "dateReserved": "2018-03-22T00:00:00",
    "dateUpdated": "2024-08-05T07:10:47.066Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:progress:whatsup_gold:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"18.0\", \"matchCriteriaId\": \"65B6A821-3150-41CA-BCB4-DF7337014496\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A Code Injection issue was discovered in DlgSelectMibFile.asp in Ipswitch WhatsUp Gold before 2018 (18.0). Malicious actors can inject a specially crafted SNMP MIB file that could allow them to execute arbitrary commands and code on the WhatsUp Gold server.\"}, {\"lang\": \"es\", \"value\": \"Se ha descubierto una vulnerabilidad de inyecci\\u00f3n de c\\u00f3digo en DlgSelectMibFile.asp en Ipswitch WhatsUp Gold en versiones anteriores al 2018 (18.0). Los actores maliciosos pueden inyectar un archivo MIB SNMP especialmente manipulado que podr\\u00eda permitirles que ejecuten c\\u00f3digo y comandos arbitrarios en el servidor de WhatsUp Gold.\"}]",
      "id": "CVE-2018-8938",
      "lastModified": "2024-11-21T04:14:38.837",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": true, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2018-05-01T16:29:00.443",
      "references": "[{\"url\": \"https://docs.ipswitch.com/NM/WhatsUpGold2018/01_ReleaseNotes/index.htm\", \"source\": \"cve@mitre.org\", \"tags\": [\"Release Notes\", \"Vendor Advisory\"]}, {\"url\": \"https://docs.ipswitch.com/NM/WhatsUpGold2018/01_ReleaseNotes/index.htm\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\", \"Vendor Advisory\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-94\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2018-8938\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2018-05-01T16:29:00.443\",\"lastModified\":\"2024-11-21T04:14:38.837\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A Code Injection issue was discovered in DlgSelectMibFile.asp in Ipswitch WhatsUp Gold before 2018 (18.0). Malicious actors can inject a specially crafted SNMP MIB file that could allow them to execute arbitrary commands and code on the WhatsUp Gold server.\"},{\"lang\":\"es\",\"value\":\"Se ha descubierto una vulnerabilidad de inyecci\u00f3n de c\u00f3digo en DlgSelectMibFile.asp en Ipswitch WhatsUp Gold en versiones anteriores al 2018 (18.0). Los actores maliciosos pueden inyectar un archivo MIB SNMP especialmente manipulado que podr\u00eda permitirles que ejecuten c\u00f3digo y comandos arbitrarios en el servidor de WhatsUp Gold.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":true,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-94\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:progress:whatsup_gold:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"18.0\",\"matchCriteriaId\":\"65B6A821-3150-41CA-BCB4-DF7337014496\"}]}]}],\"references\":[{\"url\":\"https://docs.ipswitch.com/NM/WhatsUpGold2018/01_ReleaseNotes/index.htm\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://docs.ipswitch.com/NM/WhatsUpGold2018/01_ReleaseNotes/index.htm\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]}]}}"
  }
}

GSD-2018-8938

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2018-8938

Aliases

CVE-2018-8938

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2018-8938",
    "description": "A Code Injection issue was discovered in DlgSelectMibFile.asp in Ipswitch WhatsUp Gold before 2018 (18.0). Malicious actors can inject a specially crafted SNMP MIB file that could allow them to execute arbitrary commands and code on the WhatsUp Gold server.",
    "id": "GSD-2018-8938"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2018-8938"
      ],
      "details": "A Code Injection issue was discovered in DlgSelectMibFile.asp in Ipswitch WhatsUp Gold before 2018 (18.0). Malicious actors can inject a specially crafted SNMP MIB file that could allow them to execute arbitrary commands and code on the WhatsUp Gold server.",
      "id": "GSD-2018-8938",
      "modified": "2023-12-13T01:22:34.292423Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2018-8938",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A Code Injection issue was discovered in DlgSelectMibFile.asp in Ipswitch WhatsUp Gold before 2018 (18.0). Malicious actors can inject a specially crafted SNMP MIB file that could allow them to execute arbitrary commands and code on the WhatsUp Gold server."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://docs.ipswitch.com/NM/WhatsUpGold2018/01_ReleaseNotes/index.htm",
            "refsource": "CONFIRM",
            "url": "https://docs.ipswitch.com/NM/WhatsUpGold2018/01_ReleaseNotes/index.htm"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:ipswitch:whatsup_gold:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "18.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-8938"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A Code Injection issue was discovered in DlgSelectMibFile.asp in Ipswitch WhatsUp Gold before 2018 (18.0). Malicious actors can inject a specially crafted SNMP MIB file that could allow them to execute arbitrary commands and code on the WhatsUp Gold server."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-94"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://docs.ipswitch.com/NM/WhatsUpGold2018/01_ReleaseNotes/index.htm",
              "refsource": "CONFIRM",
              "tags": [
                "Release Notes",
                "Vendor Advisory"
              ],
              "url": "https://docs.ipswitch.com/NM/WhatsUpGold2018/01_ReleaseNotes/index.htm"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": true,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2018-06-13T14:20Z",
      "publishedDate": "2018-05-01T16:29Z"
    }
  }
}

GHSA-4RWX-V4CH-C62R

Vulnerability from github – Published: 2022-05-14 03:18 – Updated: 2022-05-14 03:18

Details

Severity ?

9.8 (Critical)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2018-8938"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-94"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-05-01T16:29:00Z",
    "severity": "CRITICAL"
  },
  "details": "A Code Injection issue was discovered in DlgSelectMibFile.asp in Ipswitch WhatsUp Gold before 2018 (18.0). Malicious actors can inject a specially crafted SNMP MIB file that could allow them to execute arbitrary commands and code on the WhatsUp Gold server.",
  "id": "GHSA-4rwx-v4ch-c62r",
  "modified": "2022-05-14T03:18:59Z",
  "published": "2022-05-14T03:18:59Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8938"
    },
    {
      "type": "WEB",
      "url": "https://docs.ipswitch.com/NM/WhatsUpGold2018/01_ReleaseNotes/index.htm"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

FKIE_CVE-2018-8938

Vulnerability from fkie_nvd - Published: 2018-05-01 16:29 - Updated: 2024-11-21 04:14

Severity ?

9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

	URL	Tags
	cve@mitre.org	https://docs.ipswitch.com/NM/WhatsUpGold2018/01_ReleaseNotes/index.htm	Release Notes, Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://docs.ipswitch.com/NM/WhatsUpGold2018/01_ReleaseNotes/index.htm	Release Notes, Vendor Advisory

Impacted products

	Vendor	Product	Version
	progress	whatsup_gold	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:progress:whatsup_gold:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "65B6A821-3150-41CA-BCB4-DF7337014496",
              "versionEndExcluding": "18.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A Code Injection issue was discovered in DlgSelectMibFile.asp in Ipswitch WhatsUp Gold before 2018 (18.0). Malicious actors can inject a specially crafted SNMP MIB file that could allow them to execute arbitrary commands and code on the WhatsUp Gold server."
    },
    {
      "lang": "es",
      "value": "Se ha descubierto una vulnerabilidad de inyecci\u00f3n de c\u00f3digo en DlgSelectMibFile.asp en Ipswitch WhatsUp Gold en versiones anteriores al 2018 (18.0). Los actores maliciosos pueden inyectar un archivo MIB SNMP especialmente manipulado que podr\u00eda permitirles que ejecuten c\u00f3digo y comandos arbitrarios en el servidor de WhatsUp Gold."
    }
  ],
  "id": "CVE-2018-8938",
  "lastModified": "2024-11-21T04:14:38.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-05-01T16:29:00.443",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://docs.ipswitch.com/NM/WhatsUpGold2018/01_ReleaseNotes/index.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://docs.ipswitch.com/NM/WhatsUpGold2018/01_ReleaseNotes/index.htm"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-94"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

VAR-201805-0958

Vulnerability from variot - Updated: 2023-12-18 12:56

A Code Injection issue was discovered in DlgSelectMibFile.asp in Ipswitch WhatsUp Gold before 2018 (18.0). Malicious actors can inject a specially crafted SNMP MIB file that could allow them to execute arbitrary commands and code on the WhatsUp Gold server. Ipswitch WhatsUp Gold Contains a code injection vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Ipswitch WhatsUp Gold is a set of unified infrastructure and application monitoring software from Ipswitch in the United States. The software supports the performance management of networks, servers, virtual environments and applications

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201805-0958",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "whatsup gold",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "ipswitch",
        "version": "18.0"
      },
      {
        "model": "whatsup gold",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "ipswitch",
        "version": "2018 (18.0)"
      },
      {
        "model": "whatsup gold",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "ipswitch",
        "version": "7.0"
      },
      {
        "model": "whatsup gold",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "ipswitch",
        "version": "8.03"
      },
      {
        "model": "whatsup gold",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "ipswitch",
        "version": "15.02"
      },
      {
        "model": "whatsup gold",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "ipswitch",
        "version": "8.01"
      },
      {
        "model": "whatsup gold",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "ipswitch",
        "version": "16.3"
      },
      {
        "model": "whatsup gold",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "ipswitch",
        "version": "7.03"
      },
      {
        "model": "whatsup gold",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "ipswitch",
        "version": "7.04"
      },
      {
        "model": "whatsup gold",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "ipswitch",
        "version": "8.0"
      },
      {
        "model": "whatsup gold",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "ipswitch",
        "version": "11"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004959"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-8938"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-019"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:ipswitch:whatsup_gold:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "18.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-8938"
      }
    ]
  },
  "cve": "CVE-2018-8938",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": true,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 7.5,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2018-8938",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-138970",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 9.8,
            "baseSeverity": "Critical",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2018-8938",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2018-8938",
            "trust": 1.8,
            "value": "CRITICAL"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201805-019",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-138970",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-138970"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004959"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-8938"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-019"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A Code Injection issue was discovered in DlgSelectMibFile.asp in Ipswitch WhatsUp Gold before 2018 (18.0). Malicious actors can inject a specially crafted SNMP MIB file that could allow them to execute arbitrary commands and code on the WhatsUp Gold server. Ipswitch WhatsUp Gold Contains a code injection vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Ipswitch WhatsUp Gold is a set of unified infrastructure and application monitoring software from Ipswitch in the United States. The software supports the performance management of networks, servers, virtual environments and applications",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-8938"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004959"
      },
      {
        "db": "VULHUB",
        "id": "VHN-138970"
      }
    ],
    "trust": 1.71
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-8938",
        "trust": 2.5
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004959",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-019",
        "trust": 0.7
      },
      {
        "db": "VULHUB",
        "id": "VHN-138970",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-138970"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004959"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-8938"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-019"
      }
    ]
  },
  "id": "VAR-201805-0958",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-138970"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T12:56:58.320000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Release Notes for Ipswitch WhatsUp Gold 2018",
        "trust": 0.8,
        "url": "https://docs.ipswitch.com/nm/whatsupgold2018/01_releasenotes/index.htm"
      },
      {
        "title": "Ipswitch WhatsUp Gold Fixes for code injection vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=79766"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004959"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-019"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-94",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-138970"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004959"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-8938"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "https://docs.ipswitch.com/nm/whatsupgold2018/01_releasenotes/index.htm"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-8938"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-8938"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-138970"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004959"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-8938"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-019"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-138970"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004959"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-8938"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-019"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-05-01T00:00:00",
        "db": "VULHUB",
        "id": "VHN-138970"
      },
      {
        "date": "2018-07-02T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-004959"
      },
      {
        "date": "2018-05-01T16:29:00.443000",
        "db": "NVD",
        "id": "CVE-2018-8938"
      },
      {
        "date": "2018-05-02T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201805-019"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-06-13T00:00:00",
        "db": "VULHUB",
        "id": "VHN-138970"
      },
      {
        "date": "2018-07-02T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-004959"
      },
      {
        "date": "2018-06-13T14:20:45.237000",
        "db": "NVD",
        "id": "CVE-2018-8938"
      },
      {
        "date": "2018-05-02T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201805-019"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-019"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Ipswitch WhatsUp Gold Code injection vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004959"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-019"
      }
    ],
    "trust": 1.4
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "code injection",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-019"
      }
    ],
    "trust": 0.6
  }
}

CNVD-2018-10223

Vulnerability from cnvd - Published: 2018-05-24

Title

Ipswitch WhatsUp Gold代码注入漏洞

Description

Ipswitch WhatsUp Gold是美国Ipswitch公司的一套统一的基础设施和应用监控软件。该软件支持对网络、服务器、虚拟环境和应用程序的性能进行管理等。 Ipswitch WhatsUp Gold 2018 (18.0)之前版本中的DlgSelectMibFile.asp文件存在代码注入漏洞。攻击者可通过注入特制的SNMP MIB文件利用该漏洞在WhatsUp Gold服务器上执行任意命令和代码。

Severity

高

Patch Name

Ipswitch WhatsUp Gold代码注入漏洞的补丁

Patch Description

Formal description

厂商已发布漏洞修复程序，请及时关注更新： https://docs.ipswitch.com/NM/WhatsUpGold2018/01_ReleaseNotes/index.htm

Reference

https://nvd.nist.gov/vuln/detail/CVE-2018-8938

Impacted products

Name
Ipswitch WhatsUp Gold <2018 (18.0)

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-8938"
    }
  },
  "description": "Ipswitch WhatsUp Gold\u662f\u7f8e\u56fdIpswitch\u516c\u53f8\u7684\u4e00\u5957\u7edf\u4e00\u7684\u57fa\u7840\u8bbe\u65bd\u548c\u5e94\u7528\u76d1\u63a7\u8f6f\u4ef6\u3002\u8be5\u8f6f\u4ef6\u652f\u6301\u5bf9\u7f51\u7edc\u3001\u670d\u52a1\u5668\u3001\u865a\u62df\u73af\u5883\u548c\u5e94\u7528\u7a0b\u5e8f\u7684\u6027\u80fd\u8fdb\u884c\u7ba1\u7406\u7b49\u3002\r\n\r\nIpswitch WhatsUp Gold 2018 (18.0)\u4e4b\u524d\u7248\u672c\u4e2d\u7684DlgSelectMibFile.asp\u6587\u4ef6\u5b58\u5728\u4ee3\u7801\u6ce8\u5165\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u6ce8\u5165\u7279\u5236\u7684SNMP MIB\u6587\u4ef6\u5229\u7528\u8be5\u6f0f\u6d1e\u5728WhatsUp Gold\u670d\u52a1\u5668\u4e0a\u6267\u884c\u4efb\u610f\u547d\u4ee4\u548c\u4ee3\u7801\u3002",
  "discovererName": "unknwon",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://docs.ipswitch.com/NM/WhatsUpGold2018/01_ReleaseNotes/index.htm",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-10223",
  "openTime": "2018-05-24",
  "patchDescription": "Ipswitch WhatsUp Gold\u662f\u7f8e\u56fdIpswitch\u516c\u53f8\u7684\u4e00\u5957\u7edf\u4e00\u7684\u57fa\u7840\u8bbe\u65bd\u548c\u5e94\u7528\u76d1\u63a7\u8f6f\u4ef6\u3002\u8be5\u8f6f\u4ef6\u652f\u6301\u5bf9\u7f51\u7edc\u3001\u670d\u52a1\u5668\u3001\u865a\u62df\u73af\u5883\u548c\u5e94\u7528\u7a0b\u5e8f\u7684\u6027\u80fd\u8fdb\u884c\u7ba1\u7406\u7b49\u3002\r\n\r\nIpswitch WhatsUp Gold 2018 (18.0)\u4e4b\u524d\u7248\u672c\u4e2d\u7684DlgSelectMibFile.asp\u6587\u4ef6\u5b58\u5728\u4ee3\u7801\u6ce8\u5165\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u6ce8\u5165\u7279\u5236\u7684SNMP MIB\u6587\u4ef6\u5229\u7528\u8be5\u6f0f\u6d1e\u5728WhatsUp Gold\u670d\u52a1\u5668\u4e0a\u6267\u884c\u4efb\u610f\u547d\u4ee4\u548c\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Ipswitch WhatsUp Gold\u4ee3\u7801\u6ce8\u5165\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Ipswitch WhatsUp Gold \u003c2018 (18.0)"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2018-8938",
  "serverity": "\u9ad8",
  "submitTime": "2018-05-02",
  "title": "Ipswitch WhatsUp Gold\u4ee3\u7801\u6ce8\u5165\u6f0f\u6d1e"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2018-8938 (GCVE-0-2018-8938)

GSD-2018-8938

GHSA-4RWX-V4CH-C62R

FKIE_CVE-2018-8938

VAR-201805-0958

CNVD-2018-10223

Tags

Sightings

Nomenclature