SolarWinds Web Help Desk Cryptographic Key Management Vulnerability (CVE-2024-28989)

Summary

SolarWinds Web Help Desk was found to have a hardcoded cryptographic key that could allow the disclosure of sensitive information from the software. 

Affected Products

  • SolarWinds Web Help Desk 12.8.4 and all previous versions

Fixed Software Release

  • SolarWinds Web Help Desk 12.8.5
Advisory Details
Severity
Medium
Advisory ID

CVE-2024-28989

First Published
02/11/2025
Version

SolarWinds Web Help Desk 12.8.5

CVSS Score

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Download PDF
Send an Email