What is CVE-2022-29847?

CVE-2022-29847 is a vulnerability in N/a. Published 2022-05-11.

Is CVE-2022-29847 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2022-29847

In Progress Ipswitch WhatsUp Gold 21.0.0 through 21.1.1, and 22.0.0, it is possible for an unauthenticated attacker to invoke an API transaction that would allow them to relay encrypted WhatsUp Gold user credentials to an arbitrary host.

EPSS: 0.847 (99.4th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

rapid7/metasploit-framework
ARPSyndicate/cvemon

References

www.progress.com/network-monitoring (x_refsource_MISC)
community.progress.com/s/article/WhatsUp-Gold-Critical-Product-Alert-May-2022 (x_refsource_MISC)

Frequently asked questions

What is CVE-2022-29847?: CVE-2022-29847 is a vulnerability in N/a. Published 2022-05-11.
Is CVE-2022-29847 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.