What is the severity of CVE-2024-45709?

CVE-2024-45709 has a low severity rating due to its limited exposure requirements.

How do I fix CVE-2024-45709?

To fix CVE-2024-45709, ensure that SolarWinds Web Help Desk is not running in development/test mode.

Which versions of SolarWinds Web Help Desk are affected by CVE-2024-45709?

CVE-2024-45709 affects all versions of SolarWinds Web Help Desk that are installed on Linux and configured in test mode.

Is CVE-2024-45709 exploitable remotely?

CVE-2024-45709 is not remotely exploitable as it requires local access to the affected system.

What does the local file read vulnerability in CVE-2024-45709 entail?

The local file read vulnerability in CVE-2024-45709 allows unauthorized users to read sensitive files from the system if the configuration is in a non-secure mode.

Vulnerability/
CVE-2024-45709

medium

5.5

CWE

10/12/2024

25/2/2025

CVE-2024-45709: SolarWinds Web Help Desk Local File Read Vulnerability

First published: Tue Dec 10 2024(Updated: )

SolarWinds Web Help Desk was susceptible to a local file read vulnerability. This vulnerability requires the software be installed on Linux and configured to use non-default development/test mode making exposure to the vulnerability very limited.

Credit: psirt@solarwinds.com

Affected Software	Affected Version	How to fix
SolarWinds
SolarWinds	<12.8.4

Remedy

SolarWinds recommends customers upgrade to SolarWinds Web Help Desk 12.8.4 as soon as it becomes available.

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2024-45709?
CVE-2024-45709 has a low severity rating due to its limited exposure requirements.
How do I fix CVE-2024-45709?
To fix CVE-2024-45709, ensure that SolarWinds Web Help Desk is not running in development/test mode.
Which versions of SolarWinds Web Help Desk are affected by CVE-2024-45709?
CVE-2024-45709 affects all versions of SolarWinds Web Help Desk that are installed on Linux and configured in test mode.
Is CVE-2024-45709 exploitable remotely?
CVE-2024-45709 is not remotely exploitable as it requires local access to the affected system.
What does the local file read vulnerability in CVE-2024-45709 entail?
The local file read vulnerability in CVE-2024-45709 allows unauthorized users to read sensitive files from the system if the configuration is in a non-secure mode.

agent/remedy
agent/title
agent/weakness
agent/references
agent/first-publish-date
agent/description
agent/type
collector/nvd-api
source/NVD
agent/severity
agent/author
agent/event
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/source
agent/softwarecombine
agent/tags
agent/guess-ai
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/solarwinds
canonical/solarwinds

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.