SolarWinds Web Help Desk 12.7.9

CPE Details

SolarWinds Web Help Desk 12.7.9
solarwinds
web_help_desk
12.7.9
2024-09-07
13h44 +00:00
2024-09-07
13h44 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:solarwinds:web_help_desk:12.7.9:*:*:*:*:*:*:*

Informations

Vendor

solarwinds

Product

web_help_desk

Version

12.7.9

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2024-28989 2025-02-11 07h13 +00:00 SolarWinds Web Help Desk was found to have a hardcoded cryptographic key that could allow the disclosure of sensitive information from the software.
5.5
Medium
CVE-2024-45709 2024-12-10 08h20 +00:00 SolarWinds Web Help Desk was susceptible to a local file read vulnerability. This vulnerability requires the software be installed on Linux and configured to use non-default development/test mode making exposure to the vulnerability very limited.
5.5
Medium
CVE-2024-28987 2024-08-21 21h17 +00:00 The SolarWinds Web Help Desk (WHD) software is affected by a hardcoded credential vulnerability, allowing remote unauthenticated user to access internal functionality and modify data.
9.1
Critical
CVE-2024-28986 2024-08-13 22h06 +00:00 SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. While it was reported as an unauthenticated vulnerability, SolarWinds has been unable to reproduce it without authentication after thorough testing.   However, out of an abundance of caution, we recommend all Web Help Desk customers apply the patch, which is now available.
9.8
Critical
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.