What is CVE-2022-29848?

CVE-2022-29848 is a vulnerability in N/a. Published 2022-05-11.

Is CVE-2022-29848 known to be exploited?

3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2022-29848

In Progress Ipswitch WhatsUp Gold 17.0.0 through 21.1.1, and 22.0.0, it is possible for an authenticated user to invoke an API transaction that would allow them to read sensitive operating-system attributes from a host that is accessible b…

EPSS: 0.611 (98.3th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

rapid7/metasploit-framework
ARPSyndicate/cve-scores
ARPSyndicate/cvemon

References

www.progress.com/network-monitoring (x_refsource_MISC)
community.progress.com/s/article/WhatsUp-Gold-Critical-Product-Alert-May-2022 (x_refsource_MISC)

Frequently asked questions

What is CVE-2022-29848?: CVE-2022-29848 is a vulnerability in N/a. Published 2022-05-11.
Is CVE-2022-29848 known to be exploited?: 3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.