SolarWinds Web Help Desk Local File Read Vulnerability 

(CVE-2024-45709)

Summary

SolarWinds Web Help Desk was susceptible to a local file read vulnerability. This vulnerability requires the software be installed on Linux and configured to use non-default development/test mode making exposure to the vulnerability very limited.

Affected Products

  • SolarWinds Web Help Desk 12.8.3 HF 3 and prior versions

Fixed Software Release

  • Web Help Desk 12.8.4

Acknowledgments

  • Harsh Jaiswal from Project Discovery

Advisory Details

Severity

5.3 Medium

Advisory ID

First Published

12/10/2024

Fixed Version

Web Help Desk 12.8.4