All WhatUp Gold old versions are compromised and user credentials are exploited
All WhatUp Gold old versions are compromised and user
credentials are exploited.
WhatsUp Gold streamlines
network monitoring workflows by letting you initiate management tools directly
from the interactive map. It manages networks, traffic, physical servers, VMs and
applications with easy-to-use and customizable maps, dashboards and
alerts.
Using this we can switch between physical, virtual, wireless,
and dependency views to resolve DevOps monitoring issues or activities quickly.
It is used by the DevOps or networking team in the major
organizations across the globe.
SQL Injection is a web security vulnerability that allows an
attacker to interfere with the queries that an application makes to its
database.
This can allow an attacker to view data that they are not
normally able to retrieve.
This might include data that belongs to other users, or any
other data that the application can access. In many cases, an attacker can
modify or delete this data, causing persistent changes to the application's
content or behaviour.
All old version of the WhatsUp Gold have a SQL Injection
vulnerability which allows an unauthenticated attacker to retrieve the user’s
encrypted password. WhatsUp Gold
authentication to exploit the Active Monitor PowerShell Script and ultimately
download various remote access tools for gaining persistence on the Windows
host.
Hence it is recommended
for all the organization customer of WhatUp Gold utilizing in their network, and DevOps Teams to upgrade their WhatsUp Gold
versions to 2024.0.0
#Network, #SQL Injection, #WhatUp Gold, #Microsoft Windows Server 2016, #Microsoft Windows Server 2019, #Microsoft Windows Server 2022,