{"vuid":"VU#777007","idnumber":"777007","name":"Ipswitch WhatsUp Gold 15.02 contains SQL injection and XSS vulnerabilities","keywords":["xss","sqli","whatsup","ipswitch","cwe-79","cwe-89"],"overview":"Ipswitch WhatsUp Gold 15.02 has been reported to contain blind SQL injection and cross-site scripting vulnerabilities.","clean_desc":"Ipswitch WhatsUp Gold 15.02 has been reported to contain blind SQL injection and cross-site scripting vulnerabilities. CWE-79 - CVE-2012-2601 - Blind SQL Injection\nA blind SQL injection attack may be performed against the WrVMwareHostList.asp file. Proof of Concept: WrVMwareHostList.asp?sGroupList=1;WAITFOR DELAY '0:0:10'--&sDeviceList=3 CWE-89 - CVE-2012-2589 - Cross-site scripting\nThe snmpd.conf file may be maliciously modified to execute arbitrary Javascript. Proof of Concept: sysName <script>alert(124)</script>pt>> The CVSS score below applies to CVE-2012-2601.","impact":"An attacker may be able to execute arbitrary SQL commands and script.","resolution":"Apply an Update\nWhatsUp Gold 15.03 has been released to address these vulnerabilities.","workarounds":"","sysaffected":"","thanks":"Thanks to Devon Kearns of Offensive Security for reporting this vulnerability.","author":"This document was written by Jared Allar.","public":["http://docs.ipswitch.com/NM/79_WhatsUp%20Gold%20v15/01_Release%20Notes/index.htm","http://www.exploit-db.com/exploits/20035/","http://cwe.mitre.org/data/definitions/79.html","http://cwe.mitre.org/data/definitions/89.html"],"cveids":["CVE-2012-2601","CVE-2012-2589"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2012-05-30T13:10:10Z","publicdate":"2012-07-22T00:00:00Z","datefirstpublished":"2012-09-04T14:43:09Z","dateupdated":"2014-07-29T21:56:59Z","revision":22,"vrda_d1_directreport":"1","vrda_d1_population":"3","vrda_d1_impact":"3","cam_widelyknown":"0","cam_exploitation":"0","cam_internetinfrastructure":"0","cam_population":"0","cam_impact":"0","cam_easeofexploitation":"0","cam_attackeraccessrequired":"0","cam_scorecurrent":"0","cam_scorecurrentwidelyknown":"0","cam_scorecurrentwidelyknownexploited":"0","ipprotocol":"","cvss_accessvector":"N","cvss_accesscomplexity":"L","cvss_authentication":null,"cvss_confidentialityimpact":"P","cvss_integrityimpact":"P","cvss_availabilityimpact":"P","cvss_exploitablity":null,"cvss_remediationlevel":"OF","cvss_reportconfidence":"C","cvss_collateraldamagepotential":"ND","cvss_targetdistribution":"L","cvss_securityrequirementscr":"ND","cvss_securityrequirementsir":"ND","cvss_securityrequirementsar":"ND","cvss_basescore":"7.5","cvss_basevector":"AV:N/AC:L/Au:N/C:P/I:P/A:P","cvss_temporalscore":"5.9","cvss_environmentalscore":"1.46512201740581","cvss_environmentalvector":"CDP:ND/TD:L/CR:ND/IR:ND/AR:ND","metric":0.0,"vulnote":null}