CVE-2021-35243

Summary

The HTTP PUT and DELETE methods were enabled in the Web Help Desk web server (12.7.7 and earlier), allowing users to execute dangerous HTTP requests. The HTTP PUT method is normally used to upload data that is saved on the server with a user-supplied URL. While the DELETE method requests that the origin server removes the association between the target resource and its current functionality. Improper use of these methods may lead to a loss of integrity.

Affected Software

VendorProductVersion RangeStatus
SolarWindsWeb Help Desk12.7.7 and previous versions 12.7.7 HF1affected

Weaknesses

  • CWE-749: CWE-749 Exposed Dangerous Method or Function

ADP Enrichment

CVE Program Container

Additional References

References