CVE-2022-29846
https://notcve.org/view.php?id=CVE-2022-29846
In Progress Ipswitch WhatsUp Gold 16.1 through 21.1.1, and 22.0.0, it is possible for an unauthenticated attacker to obtain the WhatsUp Gold installation serial number. En Ipswitch Progress WhatsUp Gold versiones 16.1 hasta 21.1.1, y 22.0.0, es posible que un atacante no autenticado obtenga el número de serie de la instalación de WhatsUp Gold • https://community.progress.com/s/article/WhatsUp-Gold-Critical-Product-Alert-May-2022 https://www.progress.com/network-monitoring •
CVE-2022-29845
https://notcve.org/view.php?id=CVE-2022-29845
In Progress Ipswitch WhatsUp Gold 21.1.0 through 21.1.1, and 22.0.0, it is possible for an authenticated user to invoke an API transaction that would allow them to read the contents of a local file. En Progress Ipswitch WhatsUp Gold versiones 21.1.0 hasta 21.1.1, y 22.0.0, es posible que un usuario autenticado invoque una transacción API que le permita leer el contenido de un archivo local • https://community.progress.com/s/article/WhatsUp-Gold-Critical-Product-Alert-May-2022 https://www.progress.com/network-monitoring • CWE-829: Inclusion of Functionality from Untrusted Control Sphere •