SolarWinds Web Help Desk Cryptographic Key Management Vulnerability 

(CVE-2024-28989)

Download PDF

Summary

SolarWinds Web Help Desk was found to have a hardcoded cryptographic key that could allow the disclosure of sensitive information from the software. 

Affected Products

  • SolarWinds Web Help Desk 12.8.4 and all previous versions

Fixed Software Release

  • SolarWinds Web Help Desk 12.8.5

Advisory Details

Severity

5.5 Medium

Advisory ID

First Published

02/11/2025

Version

SolarWinds Web Help Desk 12.8.5

CVSS Score

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N