SolarWinds Web Help Desk Local File Read Vulnerability (CVE-2024-45709)

Summary

SolarWinds Web Help Desk was susceptible to a local file read vulnerability. This vulnerability requires the software be installed on Linux and configured to use non-default development/test mode making exposure to the vulnerability very limited.

Affected Products

SolarWinds Web Help Desk 12.8.3 HF 3 and prior versions

Fixed Software Release

Web Help Desk 12.8.4

Acknowledgments

Harsh Jaiswal from Project Discovery

Advisory Details

Severity

Medium

Advisory ID

CVE-2024-45709

First Published

12/10/2024

Fixed Version

Web Help Desk 12.8.4

CVSS Score

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N

Download PDF

Send an Email