CVE-2024-28987

Summary

The SolarWinds Web Help Desk (WHD) software is affected by a hardcoded credential vulnerability, allowing remote unauthenticated user to access internal functionality and modify data.

Affected Software

VendorProductVersion RangeStatus
SolarWindsWeb Help Desk12.8.3 Hotfix 1 and previous versionsaffected

Weaknesses

  • CWE-798: CWE-798 Use of Hard-coded Credentials

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: active
    • Automatable: yes
    • Technical Impact: total

Additional References

CVE Program Container

Additional References

References