| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 6.8 | $0-$5k | 0.00 |
Summary
A vulnerability identified as critical has been detected in Ipswitch Whatsup Gold up to 16.3. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2015-6005. The attack is possible to be carried out remotely. No exploit exists. You should upgrade the affected component.
Details
A vulnerability was found in Ipswitch Whatsup Gold up to 16.3 (Network Management Software) and classified as critical. This issue affects some unknown functionality. The manipulation with an unknown input leads to a cross site scripting vulnerability. Using CWE to declare the problem leads to CWE-79. The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. Impacted is confidentiality, and integrity. The summary by CVE is:
Multiple cross-site scripting (XSS) vulnerabilities in IPSwitch WhatsUp Gold before 16.4 allow remote attackers to inject arbitrary web script or HTML via (1) an SNMP OID object, (2) an SNMP trap message, (3) the View Names field, (4) the Group Names field, (5) the Flow Monitor Credentials field, (6) the Flow Monitor Threshold Name field, (7) the Task Library Name field, (8) the Task Library Description field, (9) the Policy Library Name field, (10) the Policy Library Description field, (11) the Template Library Name field, (12) the Template Library Description field, (13) the System Script Library Name field, (14) the System Script Library Description field, or (15) the CLI Settings Library Description field.
The weakness was disclosed 12/27/2015 by Noam Rathaus with Rapid7 (Website). It is possible to read the advisory at kb.cert.org. The identification of this vulnerability is CVE-2015-6005 since 08/14/2015. The exploitation is known to be easy. The attack may be initiated remotely. A simple authentication is required for exploitation. It demands that the victim is doing some kind of user interaction. The technical details are unknown and an exploit is not publicly available. The attack technique deployed by this issue is T1059.007 according to MITRE ATT&CK.
The vulnerability scanner Nessus provides a plugin with the ID 88097 (Ipswitch WhatsUp Gold < 16.4 Multiple Vulnerabilities), which helps to determine the existence of the flaw in a target environment. It is assigned to the family Windows and running in the context l.
Upgrading to version 16.4 eliminates this vulnerability. A possible mitigation has been published even before and not after the disclosure of the vulnerability.
The vulnerability is also documented in the databases at Tenable (88097), SecurityFocus (BID 79506†) and Vulnerability Center (SBV-55598†). The entries VDB-79906 and VDB-80109 are pretty similar. Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
Product
Type
Vendor
Name
Version
License
Website
- Vendor: https://www.ipswitch.com/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 6.9VulDB Meta Temp Score: 6.7
VulDB Base Score: 6.9
VulDB Temp Score: 6.2
VulDB Vector: 🔍
VulDB Reliability: 🔍
NVD Base Score: 6.9
NVD Vector: 🔍
CNA Base Score: 6.9
CNA Vector: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Cross site scriptingCWE: CWE-79 / CWE-94 / CWE-74
CAPEC: 🔍
ATT&CK: 🔍
Physical: No
Local: No
Remote: Yes
Availability: 🔍
Access: Public
Status: Proof-of-Concept
Download: 🔍
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Nessus ID: 88097
Nessus Name: Ipswitch WhatsUp Gold < 16.4 Multiple Vulnerabilities
Nessus File: 🔍
Nessus Risk: 🔍
Nessus Family: 🔍
Nessus Context: 🔍
OpenVAS ID: 100718
OpenVAS Name: Ipswitch WhatsUp Multiple Vulnerabilities
OpenVAS File: 🔍
OpenVAS Family: 🔍
Exploit-DB: 🔍
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
0-Day Time: 🔍
Upgrade: Whatsup Gold 16.4
Timeline
08/14/2015 🔍12/16/2015 🔍
12/16/2015 🔍
12/16/2015 🔍
12/26/2015 🔍
12/27/2015 🔍
12/28/2015 🔍
01/10/2016 🔍
01/22/2016 🔍
11/08/2024 🔍
Sources
Vendor: ipswitch.comAdvisory: kb.cert.org
Researcher: Noam Rathaus
Organization: Rapid7
Status: Confirmed
Confirmation: 🔍
CVE: CVE-2015-6005 (🔍)
GCVE (CVE): GCVE-0-2015-6005
GCVE (VulDB): GCVE-100-79907
CERT: 🔍
SecurityFocus: 79506 - Ipswitch WhatsUp Gold Multiple HTML Injection and SQL Injection Vulnerabilities
SecurityTracker: 1034833
Vulnerability Center: 55598 - IPSwitch WhatsUp Gold <16.4 Multiple XSS Vulnerabilities due to Improper Neutralization of Script-Related HTML Tags, Medium
scip Labs: https://www.scip.ch/en/?labs.20161013
See also: 🔍
Entry
Created: 12/28/2015 14:14Updated: 11/08/2024 19:02
Changes: 12/28/2015 14:14 (67), 06/20/2018 08:47 (17), 07/01/2022 14:38 (3), 07/01/2022 14:43 (1), 08/27/2024 20:40 (27), 11/08/2024 19:02 (7)
Complete: 🔍
Cache ID: 216:EAC:103
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
No comments yet. Languages: en.
Please log in to comment.