CVE-2022-29848
Published: 11 May 2022
Summary
CVE-2022-29848 is a medium-severity SSRF (CWE-918) vulnerability in Progress Whatsup Gold. Its CVSS base score is 6.5 (Medium).
Operationally, ranked in the top 1.7% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
Deeper analysis
CVE-2022-29848 affects Progress Ipswitch WhatsUp Gold versions 17.0.0 through 21.1.1 and 22.0.0. The flaw is an instance of server-side request forgery (CWE-918) that permits an authenticated user to invoke an API call returning sensitive operating-system attributes from any host reachable by the WhatsUp Gold server. The issue carries a CVSS 3.1 base score of 6.5.
An attacker who already possesses valid credentials can exploit the vulnerability over the network to obtain high-impact confidentiality data from monitored hosts without user interaction. Because the request originates from the WhatsUp Gold server itself, the attacker can reach internal systems that would otherwise be inaccessible.
Public advisories published by Progress in May 2022 reference the affected product versions and direct administrators to the vendor’s network-monitoring support pages for further guidance.
The associated EPSS score reached a peak of 0.6110, indicating material post-disclosure exploitation interest.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-34166
Vulnerability details
In Progress Ipswitch WhatsUp Gold 17.0.0 through 21.1.1, and 22.0.0, it is possible for an authenticated user to invoke an API transaction that would allow them to read sensitive operating-system attributes from a host that is accessible by the WhatsUp…
more
Gold system.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
Penetration testing attempts server-side requests to internal resources, identifying SSRF weaknesses for remediation.
Outbound connections to external resources can be monitored and limited at the boundary, reducing SSRF impact.
Validates server-side URLs and resource references to block SSRF attempts.
Detects server-side request forgery through monitoring of unexpected outbound connections.