CVE-2024-28987: SolarWinds Web Help Desk Hardcoded Credential Vulnerability
First published: Wed Aug 21 2024(Updated: )
SolarWinds Web Help Desk contains a hardcoded credential vulnerability that could allow a remote, unauthenticated user to access internal functionality and modify data.
Credit: psirt@solarwinds.com psirt@solarwinds.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SolarWinds Web Help Desk | ||
| SolarWinds Web Help Desk | <12.8.3 | |
| SolarWinds Web Help Desk | =12.8.3 | |
| SolarWinds Web Help Desk | =12.8.3-hotfix1 | |
| <12.8.3 | ||
| =12.8.3 | ||
| =12.8.3-hotfix1 |
Remedy
SolarWinds recommends that customers upgrade to SolarWinds Web Help Desk v12.8.3 HF2 as soon as it becomes available.
Remedy
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.bleepingcomputer.com/news/security/solarwinds-fixes-hardcoded-credentials-flaw-in-web-help-desk/
- https://www.theregister.com/2024/08/22/hardcoded_credentials_bug_solarwinds_whd/
- https://www.solarwinds.com/trust-center/security-advisories/cve-2024-28987
- https://nvd.nist.gov/vuln/detail/CVE-2024-28987
- https://support.solarwinds.com/SuccessCenter/s/article/SolarWinds-Web-Help-Desk-12-8-3-Hotfix-2
- https://www.bleepingcomputer.com/news/security/solarwinds-web-help-desk-flaw-is-now-exploited-in-attacks/
- https://www.theregister.com/2024/10/16/solarwinds_critical_hardcoded_credential_bug/
Frequently Asked Questions
What is the severity of CVE-2024-28987?
CVE-2024-28987 has a high severity rating due to its potential for unauthorized remote access and data modification.
How do I fix CVE-2024-28987?
To fix CVE-2024-28987, users should update SolarWinds Web Help Desk to the latest version that addresses the hardcoded credential vulnerability.
What impact does CVE-2024-28987 have on SolarWinds Web Help Desk?
CVE-2024-28987 allows remote, unauthenticated users to access internal functionality, potentially compromising sensitive data.
Which versions of SolarWinds Web Help Desk are affected by CVE-2024-28987?
CVE-2024-28987 affects SolarWinds Web Help Desk versions up to 12.8.3, including 12.8.3-hotfix1.
Is a user authentication required to exploit CVE-2024-28987?
No, CVE-2024-28987 can be exploited by remote, unauthenticated users.
- agent/weakness
- agent/title
- agent/type
- agent/first-publish-date
- agent/severity
- collector/bleeping-computer
- source/BleepingComputer
- alias/CVE-2024-28987
- alias/CVE-2024-28986
- collector/the-register
- source/The Register
- exploited/true
- collector/cisa-known-exploited
- source/CISA
- agent/software-canonical-lookup
- agent/remedy
- agent/description
- alias/CVE-2024-30088
- alias/CVE-2024-9680
- agent/references
- agent/author
- collector/mitre-cve
- source/MITRE
- collector/nvd-api
- source/NVD
- agent/last-modified-date
- agent/softwarecombine
- agent/event
- collector/nvd-cve
- agent/tags
- agent/trending
- agent/source
- vendor/solarwinds
- canonical/solarwinds web help desk
- version/solarwinds web help desk/12.8.3
- version/solarwinds web help desk/12.8.3-hotfix1