Ipswitch WhatsUp Gold Multiple Vulnerabilities
High Nessus Plugin ID 62186
SynopsisAn application on the remote host is affected by multiple vulnerabilities.
DescriptionThe remote host has a version of Ipswitch WhatsUp Gold prior to 15.0.3 and, as such, may be affected by the following vulnerabilities :
- There is a blind SQL injection vulnerability in the 'sGroupList' parameter of the 'WrVMwareHostList.asp' script. (CVE-2012-2601)
- An unspecified cross-site scripting vulnerability exists involving the SNMP system name. (CVE-2012-4344)
SolutionUpgrade to Ipswitch WhatsUp Gold 15.0.3 or later.