Kaspersky LabKLA10228KLA10228 ACE vulnerability in WhatsUp Professional
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
99.0%
An SQL injection vulnerability was found in WhatsUp Professional. By exploiting this vulnerability malicious users can execute arbitrary SQL commands. This vulnerability can be exploited remotely at points related to the logon screen.
Original advisories
Related products
CVE list
CVE-2005-1250 critical
Solution
Update to latest version
Impacts
- ACE
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Affected Products
- Ipswitch WhatsUp Professional version 2005 SP1
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
99.0%